Bug#587819: marked as done (CVE-2009-4839)

Debian Bug Tracking System Sat, 03 Jul 2010 00:04:42 -0700

Your message dated Sat, 03 Jul 2010 06:47:09 +0000
with message-id <[email protected]>
and subject line Bug#587819: fixed in acidbase 1.4.5-1
has caused the Debian Bug report #587819,
regarding CVE-2009-4839
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
587819: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=587819
Debian Bug Tracking System
Contact [email protected] with problems

--- Begin Message ---

Package: acidbase
Severity: important
Tags: security

Hi,
the following issues seem to be open in squeeze:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4839

Cheers,
        Moritz

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 2.6.32-5-686 (SMP w/1 CPU core)
Locale: LANG=C, lc_ctype=de_de.iso-8859...@euro (charmap=ISO-8859-15)
Shell: /bin/sh linked to /bin/bash

Versions of packages acidbase depends on:
pn  dbconfig-common               <none>     (no description available)
ii  debconf [debconf-2.0]         1.5.32     Debian configuration management sy
pn  libphp-adodb                  <none>     (no description available)
ii  libwww-perl                   5.836-1    Perl HTTP/WWW client/server librar
pn  mysql-client | virtual-mysql- <none>     (no description available)
pn  php5 | php4 | php5-cli | php4 <none>     (no description available)
pn  postgresql-client             <none>     (no description available)

acidbase recommends no packages.

Versions of packages acidbase suggests:
pn  snort-mysql | snort-pgsql     <none>     (no description available)

--- End Message ---

--- Begin Message ---

Source: acidbase
Source-Version: 1.4.5-1

We believe that the bug you reported is fixed in the latest version of
acidbase, which is due to be installed in the Debian FTP archive:

acidbase_1.4.5-1.diff.gz
  to main/a/acidbase/acidbase_1.4.5-1.diff.gz
acidbase_1.4.5-1.dsc
  to main/a/acidbase/acidbase_1.4.5-1.dsc
acidbase_1.4.5-1_all.deb
  to main/a/acidbase/acidbase_1.4.5-1_all.deb
acidbase_1.4.5.orig.tar.gz
  to main/a/acidbase/acidbase_1.4.5.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Jeremy T. Bouse <[email protected]> (supplier of updated acidbase package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Sat, 03 Jul 2010 02:01:54 -0400
Source: acidbase
Binary: acidbase
Architecture: source all
Version: 1.4.5-1
Distribution: unstable
Urgency: low
Maintainer: Jeremy T. Bouse <[email protected]>
Changed-By: Jeremy T. Bouse <[email protected]>
Description: 
 acidbase   - Basic Analysis and Security Engine
Closes: 577570 587819
Changes: 
 acidbase (1.4.5-1) unstable; urgency=low
 .
   * New upstream version -
     - fixes undefined method errors in php 5.3 (Closes: #577570)
     - addresses XSS vulnerabilities in CVE-2009-4839 (Closes: #587819)
   * updated 02_update_external_links.dpatch for new version
Checksums-Sha1: 
 50f078d2cbb950d708f82d9ac0422c69694abc3e 1207 acidbase_1.4.5-1.dsc
 f81c351dcc7333c03b70dc5bbbb46bc6e77dc3b5 958567 acidbase_1.4.5.orig.tar.gz
 4481d11b0516da375478b2e86ccfd16d1058052c 23450 acidbase_1.4.5-1.diff.gz
 5fdfb4120a802e499035824656a007a485c293d7 405894 acidbase_1.4.5-1_all.deb
Checksums-Sha256: 
 a35475d852a870337fbefa91ce9d3797dd5d448a7cac751972d59ddbd2b552a5 1207 
acidbase_1.4.5-1.dsc
 23910f5277ceb43398442074e444182941bf7f6da85efd84ecdd0cf62c4b8935 958567 
acidbase_1.4.5.orig.tar.gz
 1bd301c51bea578dbf08a4dcaa42991d0b2f7ee9df9a60ced4408ca512086741 23450 
acidbase_1.4.5-1.diff.gz
 9dd93c043c86e0bc4c716a153d04a33994f6bb03015391f5525313e784a8b32c 405894 
acidbase_1.4.5-1_all.deb
Files: 
 4fc91e1d6e4fb39736dd7e6b921dd90d 1207 web optional acidbase_1.4.5-1.dsc
 2ce7de089b7b860f8230731f94a02044 958567 web optional acidbase_1.4.5.orig.tar.gz
 cf238f6e404c51068d285f695f9484ac 23450 web optional acidbase_1.4.5-1.diff.gz
 5e4257b3033441986a976a0097274f0b 405894 web optional acidbase_1.4.5-1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAkwu2FsACgkQQC3kTXT35kA9HgCfa61GDVxuICqVmD3VM1ymP6eZ
+I4AoPmntjpyQTM0YZGnqQHCPRyphwCK
=TBib
-----END PGP SIGNATURE-----

--- End Message ---

Bug#587819: marked as done (CVE-2009-4839)

Reply via email to