Your message dated Tue, 22 Jul 2008 13:55:43 +0300
with message-id <[EMAIL PROTECTED]>
and subject line Re: Bug#491679: libfilesys-smbclient-perl: Missing input
sanitising
has caused the Debian Bug report #491679,
regarding libfilesys-smbclient-perl: Missing input sanitising
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)
--
491679: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=491679
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
--- Begin Message ---
Package: libfilesys-smbclient-perl
Severity: grave
Tags: security
Justification: user security hole
No CVE has been assigned so far:
http://www.securityfocus.com/archive/1/494536
Cheers,
Moritz
-- System Information:
Debian Release: 4.0
APT prefers stable
APT policy: (990, 'stable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=UTF-8)
--- End Message ---
--- Begin Message ---
-=| gregor herrmann, Mon, Jul 21, 2008 at 07:58:08PM +0200 |=-
> On Mon, 21 Jul 2008 11:46:54 +0200, Moritz Muehlenhoff wrote:
>
> > Package: libfilesys-smbclient-perl
> > http://www.securityfocus.com/archive/1/494536
>
> Maybe I'm wrong but this report talks about
> http://search.cpan.org/dist/Filesys-SmbClientParser/ (2.7),
> but the package libfilesys-smbclient-perl refers to
> http://search.cpan.org/dist/Filesys-SmbClient/ (where we're at 3.1);
> and I don't see any trace of Filesys-SmbClientParser in Debian.
I also searched for backticks (`command params..`), qx and 'exec' in
libfilesys-smbclient-perl and found nothing.
I am closing this bug and will also send an 'oops' to
http://rt.cpan.org/Public/Bug/Display.html?id=37818 .
--
dam JabberID: [EMAIL PROTECTED]
signature.asc
Description: Digital signature
--- End Message ---