Your message dated Mon, 13 Jun 2016 22:17:18 +0000 with message-id <e1bcaay-0002it...@franck.debian.org> and subject line Bug#826402: fixed in quassel 1:0.10.0-2.3+deb8u3 has caused the Debian Bug report #826402, regarding quassel: CVE-2016-4414: remote DoS due to invalid handshake data to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 826402: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=826402 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: quasselcore Version: 1:0.10.0-2.3+deb8u2 Severity: normal Tags: security Hi, The following vulnerability was published for quassel. CVE-2016-4414: remote DoSdue to invalid handshake data This is fixed in this commit: https://github.com/quassel/quassel/commit/e67887343c433cc35bc26ad6a9392588f427e746 Cheers, -- System Information: Debian Release: 8.5 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)
--- End Message ---
--- Begin Message ---Source: quassel Source-Version: 1:0.10.0-2.3+deb8u3 We believe that the bug you reported is fixed in the latest version of quassel, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 826...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Pierre Schweitzer <pie...@reactos.org> (supplier of updated quassel package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 05 Jun 2016 12:41:35 +0200 Source: quassel Binary: quassel-core quassel-client quassel quassel-data quassel-client-kde4 quassel-kde4 quassel-data-kde4 Architecture: source amd64 all Version: 1:0.10.0-2.3+deb8u3 Distribution: jessie Urgency: medium Maintainer: Thomas Mueller <thomas.muel...@tmit.eu> Changed-By: Pierre Schweitzer <pie...@reactos.org> Description: quassel - distributed IRC client - Qt-based monolithic core+client quassel-client - distributed IRC client - Qt-based client component quassel-client-kde4 - distributed IRC client - KDE-based client quassel-core - distributed IRC client - core component quassel-data - distributed IRC client - shared data (Qt version) quassel-data-kde4 - distributed IRC client - shared data (KDE4 version) quassel-kde4 - distributed IRC client - KDE-based monolithic core+client Closes: 826402 Changes: quassel (1:0.10.0-2.3+deb8u3) jessie; urgency=medium . * Non-maintainer upload. * Fix CVE-2016-4414: remote DoS in quassel core with invalid handshake data. (Closes: #826402) - Add debian/patches/CVE-2016-4414.patch, cherry-picked from upstream. Checksums-Sha1: e51ab98e59957d60ed8834d30ce8c6e8bf032d7e 2368 quassel_0.10.0-2.3+deb8u3.dsc 27822f284c4fc2466a22e365e99743a5cec9f94d 23640 quassel_0.10.0-2.3+deb8u3.debian.tar.xz 808b4e6e2f22e23b603e3160fc5c95531ff3f4be 1647860 quassel-core_0.10.0-2.3+deb8u3_amd64.deb 637848e762a0e3a17903330570b05d456e39d966 2439960 quassel-client_0.10.0-2.3+deb8u3_amd64.deb 2f713bb2ff4bec850024cf7ebc197a0abfcac0b5 2849662 quassel_0.10.0-2.3+deb8u3_amd64.deb b24db864915d243603c650c5a5d6ee8aef11a970 23094 quassel-data_0.10.0-2.3+deb8u3_all.deb 84ad521123a514655b12024cf26262d7fdc17bdb 839152 quassel-client-kde4_0.10.0-2.3+deb8u3_amd64.deb 7f152d8ba3b2b15a500b0ea83704158cb68e81b2 1076862 quassel-kde4_0.10.0-2.3+deb8u3_amd64.deb 17909c130ac101eb69044249c35aa0d152fd4c26 625600 quassel-data-kde4_0.10.0-2.3+deb8u3_all.deb Checksums-Sha256: 9985be51e5c07591e3f3617cbad4a5281d279efbcbe3c682ce42ac7bc2d2547e 2368 quassel_0.10.0-2.3+deb8u3.dsc 9c28918ced7f3940933def7a7524c2df0a5881678c8e029b604e4ceb0a88f21e 23640 quassel_0.10.0-2.3+deb8u3.debian.tar.xz b22c64fe1110acc494b1b9c75a7536b1ab593b7f4b2b695084be30495f6af775 1647860 quassel-core_0.10.0-2.3+deb8u3_amd64.deb b1765d92e30207ed2534cd6524604bfaf02b992fb9926385dd9dffc003edf22c 2439960 quassel-client_0.10.0-2.3+deb8u3_amd64.deb 49441806bb402c2a10eaaadc6c8f5d7cc351d5fcc6d3189ced5157de0851a896 2849662 quassel_0.10.0-2.3+deb8u3_amd64.deb 2fcf87c8abe0eab55e46efd601f991752c29603d79622c9aaef98f873c039485 23094 quassel-data_0.10.0-2.3+deb8u3_all.deb aa677d3ad010caa9ed83f193b01d2239269b707792a94d432f30f284a37584dc 839152 quassel-client-kde4_0.10.0-2.3+deb8u3_amd64.deb 6d99b936b3f870391813389cd00c36a4c640f4f2a7a1ae8a8ef7032d4bba8db3 1076862 quassel-kde4_0.10.0-2.3+deb8u3_amd64.deb 5bc6e0cfeac7b424a30b7ed485a4d785787fe4b2dc848a12cf1616f6dffc7a85 625600 quassel-data-kde4_0.10.0-2.3+deb8u3_all.deb Files: 2410b5cb7c963cfa0c68013faf6a5f04 2368 net optional quassel_0.10.0-2.3+deb8u3.dsc 87cfe018e7f26fa986c443673c6bcb11 23640 net optional quassel_0.10.0-2.3+deb8u3.debian.tar.xz eb7ba1fa580c9470e8c6663a6b8c0c6d 1647860 net optional quassel-core_0.10.0-2.3+deb8u3_amd64.deb 17e096945096082040d3e852baeab6cd 2439960 net optional quassel-client_0.10.0-2.3+deb8u3_amd64.deb 1b4d1183696b051afdab84f1457df3c9 2849662 net optional quassel_0.10.0-2.3+deb8u3_amd64.deb f2f6a0b285424426072b0979fbccd6ed 23094 net optional quassel-data_0.10.0-2.3+deb8u3_all.deb 3d86c66106701f5f1e1597eb700a7232 839152 net optional quassel-client-kde4_0.10.0-2.3+deb8u3_amd64.deb 7b78a4e34125d425a23fda6a6631098c 1076862 net optional quassel-kde4_0.10.0-2.3+deb8u3_amd64.deb ca39a4383c32ccecd4ec4166ed4cf054 625600 net optional quassel-data-kde4_0.10.0-2.3+deb8u3_all.deb -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJXWx6KAAoJEP4ixv2DE11F76AQAKFwGbyQW6wrXPKs5hO1ZPbQ EoFw/qpPQSegxvzM3ZVMCa63VNgF4whQ8iOlYrGAWDAq/61Ks3U6uIYOIxSn05R+ YTLT4ER2YzKXnySGw7k6gI4P2/QLBFNGcXbZJBJDQumxxTjfs5d0qt7YpfGYCAi7 V4KZldIyX8Pwy6xEKjzF3N/uHpwEqcl+oKhNz7cbFpQ+BNnt1q0lpqYiujJUF4yC k9sokClSdLbbYZ8a2oVnjQXTVDQR3+oe0ur2WZ51Ev+JRgN18iGs65HKA7uqPDMp ptV+Nwx2YLz1cA98bDw+fPBmpL0hOnOwJ1edeHSTZYCr0iR50rwrJ9LAqt9ByOjF Ixu2pbZZUEIqUiNOj0ADakE+25ctVwRflStq8QbUqQpGTb9fxjepAMeZab00KXrX uBougChTBRQTIbrUKYQANKkJsRoaZxgxU7saIX6ZlWaXbzpIZFxqTXngoNCYj8LX 83NneaW3PUWji6bbWluFv9mI+eSlw4O/c3Vdb7gUTke0Rl1OMMxgAnwHrS9od4pw qTzMMMLYBTwOcAP4ihGKE+4PVAK5DFMsg/wGaDrpwtxW7ANlsRCIY0REULfBz9p8 B+zgt/FMdKGkvg+nVzS1uzm+ZsUt8uBlSsfbgPkJ3UhFpl7Wc7/zxL5n5zb+IZwI MUqmUgum201KP287X3xF =2/rz -----END PGP SIGNATURE-----
--- End Message ---
_______________________________________________ pkg-kde-extras mailing list pkg-kde-extras@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-kde-extras
