Bug#402822: marked as done (flashplugin-nonfree: HTTP header injection vulnerabilities (CVE-2006-5330))

Wed, 02 Apr 2008 11:07:30 -0700 

Your message dated Wed, 02 Apr 2008 19:56:36 +0200
with message-id <[EMAIL PROTECTED]>
and subject line flashplugin-nonfree: removed from stable and from oldstable
has caused the Debian Bug report #402822,
regarding flashplugin-nonfree: HTTP header injection vulnerabilities 
(CVE-2006-5330)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)


-- 
402822: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=402822
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
--- Begin Message --- 
Package: flashplugin-nonfree
Version: 9.0.21.78.3
Severity: important
Tags: security

According to the upstream security bulletin
<http://www.adobe.com/support/security/bulletins/apsb06-18.html>:

"Adobe has provided a Flash Player updates to resolve potential
vulnerabilities in Adobe Flash Player. These vulnerabilities could
allow remote attackers to modify HTTP headers of client requests and
conduct HTTP Request Splitting attacks."

Adobe classifies this as "important", meaning that it could be
exploited to "compromise data security, potentially allowing access to
confidential data, or could compromise processing resources in a
user's computer."

-- System Information:
Debian Release: 4.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.17-2-686
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)

Versions of packages flashplugin-nonfree depends on:
ii  debconf [debconf-2.0]         1.5.8      Debian configuration management sy
ii  gsfonts-x11                   0.20       Make Ghostscript fonts available t
ii  libxext6                      1:1.0.1-2  X11 miscellaneous extension librar
ii  libxmu6                       1:1.0.2-2  X11 miscellaneous utility library
ii  libxt6                        1:1.0.2-2  X11 toolkit intrinsics library
ii  wget                          1.10.2-2   retrieves files from the web

Versions of packages flashplugin-nonfree recommends:
pn  xfs                           <none>     (no description available)

-- debconf information excluded

--- End Message ---
--- Begin Message --- 
http://packages.qa.debian.org/f/flashplugin-nonfree/news/20080331T151403Z.html
http://packages.qa.debian.org/f/flashplugin-nonfree/news/20080216T124605Z.html

--- End Message ---

Reply via email to