Your message dated Thu, 12 Dec 2013 15:23:50 +0000 with message-id <e1vr87c-0001fd...@franck.debian.org> and subject line Bug#731933: fixed in libmicrohttpd 0.9.32-1 has caused the Debian Bug report #731933, regarding libmicrohttpd: CVE-2013-7038 CVE-2013-7039 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 731933: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=731933 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: libmicrohttpd Severity: grave Tags: security Please see https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7038 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7039 This doesn't warrant a DSA, but can still be fixed in a point update if needed: http://www.debian.org/doc/manuals/developers-reference/pkgs.html#upload-stable Cheers, Moritz
--- End Message ---
--- Begin Message ---Source: libmicrohttpd Source-Version: 0.9.32-1 We believe that the bug you reported is fixed in the latest version of libmicrohttpd, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 731...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Bertrand Marc <beberk...@gmail.com> (supplier of updated libmicrohttpd package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Wed, 11 Dec 2013 17:30:36 +0100 Source: libmicrohttpd Binary: libmicrohttpd10 libmicrohttpd-dbg libmicrohttpd-dev Architecture: source amd64 Version: 0.9.32-1 Distribution: unstable Urgency: medium Maintainer: Bertrand Marc <beberk...@gmail.com> Changed-By: Bertrand Marc <beberk...@gmail.com> Description: libmicrohttpd-dbg - library embedding HTTP server functionality (debug) libmicrohttpd-dev - library embedding HTTP server functionality (development) libmicrohttpd10 - library embedding HTTP server functionality Closes: 731933 Changes: libmicrohttpd (0.9.32-1) unstable; urgency=medium . * Imported Upstream version 0.9.32 + Fix CVE-2013-7038 and CVE-2013-7039 (Closes: #731933). * debian/libmicrohttpd10.symbols: + remove 2 unused symbols. + add a new one from 0.9.30. + add 2 new ones from 0.9.32. * Refresh the only patch. * debian/rules: remove an old cleaning rule after install. Checksums-Sha1: 7965b835546e249cfde4e523b1db640ff68041dc 2089 libmicrohttpd_0.9.32-1.dsc ff7ff057964710f3eae52711e6d06e85bfe5ed83 1124859 libmicrohttpd_0.9.32.orig.tar.gz 9c76c271ac5b3861216b78803bcea0731ef9e81a 5728 libmicrohttpd_0.9.32-1.debian.tar.gz 26b406bf84270f9934095c3e52f7fa4ef14efcd7 61002 libmicrohttpd10_0.9.32-1_amd64.deb 366e1cddd145f9680682c053f1d07b48aa77b9da 109482 libmicrohttpd-dbg_0.9.32-1_amd64.deb 859948decb60fb0a04f59b34cd4ee9b6ff6233f0 169224 libmicrohttpd-dev_0.9.32-1_amd64.deb Checksums-Sha256: 222167f1a12ef03140750452645ad9e82c27cd195be6ac3de19c2073efffa252 2089 libmicrohttpd_0.9.32-1.dsc e554b8e1313b336616a460aca0ac1fc8c96552320bc1d4dc503ce00bfb70d89c 1124859 libmicrohttpd_0.9.32.orig.tar.gz e5c5a98f182567b7869df9988fcaef9b8d20962ee0e9fb15d4706f025ae359ab 5728 libmicrohttpd_0.9.32-1.debian.tar.gz bf5adb943daa31627701b39984351831e8f0c67f9d959d7f14fb57000d9c9ea0 61002 libmicrohttpd10_0.9.32-1_amd64.deb 8aadb783e369b72ee191a4ae0dfd10cc080a6db95f5cdda80ad1ff72defd3686 109482 libmicrohttpd-dbg_0.9.32-1_amd64.deb 6459089c8059aa1b6be8c7229665ae988f9bfe85a4b281c3548f6953589bb2ed 169224 libmicrohttpd-dev_0.9.32-1_amd64.deb Files: 413fabd53936cd4fbd226abe212b0838 2089 libs optional libmicrohttpd_0.9.32-1.dsc 29dcc1c201c36044be2c3f816c64a5bb 1124859 libs optional libmicrohttpd_0.9.32.orig.tar.gz 001fbcf3cbef9fcb833b9757a606bca7 5728 libs optional libmicrohttpd_0.9.32-1.debian.tar.gz 6780cc33736622fa61189f1a54dd12b8 61002 libs optional libmicrohttpd10_0.9.32-1_amd64.deb a39dae8579c0f075a14e0f29f72ba0f1 109482 debug extra libmicrohttpd-dbg_0.9.32-1_amd64.deb 9c53e9922eb5cf58cbaa0a61ef385166 169224 libdevel optional libmicrohttpd-dev_0.9.32-1_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIVAwUBUqnS2gkauFYGmqocAQie2Q//fX7xQ9EOjXmuyeT0ppwQgg4Zj3H0c+UN mkNuloeO10nZPqbDpTkhh7khz5d3EmIhOVUrcSINPQrSwAIjHubGALB0kRfYA/nN 273HY44HASVCJud45kF888RrYlsHYUpTfvdz9LaUTBgkj6QsJ1p4W4VZY6j6qS7r ZfhQPFC7xRA4aI8v/Ur/ynkyUVNdLBFUpkZkKo07fB93p841K/s4PJLVw8yzbfW9 yz7z2iR1WX1gb/Td0SecZ4dbEUvYd+HDvy/c61G91Ey4FOetWZghwTpyIB4NLIc7 TWmLOjq7zE2wBpaDdlGVR4r8bIVnWIc6AlH/GM6CCuLk53UjUUEhrEZbdhdRq/+E uNpCU3estgyp8+iKHVtBSRUiwfQLda7PcXmUS3oYwcN9QFjPAlapRE0r0tSme6Q0 6b2UfXSDfs8mk9gAeeSxq8uzY6sHHO4JaYfMHzE37GvK4PrJ9iLlYuIzTQonSyWD sTeaQcN/Pps5LFEpvlj/G4rA00irwMcgzTZavKGNkt1t2yN0GDNYTVH12BaWGoU+ 15q4pA2n7dttkbWCxSZtIqyFU+0yn1HC7YlZ4FN/C/8s3KahRJcNbigYvHa75J/X JqtPQna/4cW0KuSmiebPMGtQu4bVF9YU24ye0ZfyZwssOJEZKaZawgzx99wU4rk9 ckchOLK8gd4= =5K/l -----END PGP SIGNATURE-----
--- End Message ---
