Your message dated Fri, 03 Aug 2012 21:47:12 +0000
with message-id <[email protected]>
and subject line Bug#683418: fixed in fckeditor 1:2.6.6-3
has caused the Debian Bug report #683418,
regarding [Debian RT] CVE-2012-4000: XSS vulnerability in fckeditor
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
683418: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683418
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: fckeditor
Severity: important
Hi,
an XSS vulnerability was found in fckeditor before 2.6.7. Please try to
fix the problem using an isolated fix since we are in freeze.
More info can be found at
http://disse.cting.org/2012/06/22/fckeditor-reflected-xss-vulnerability/
Regards,
--
Yves-Alexis
-- System Information:
Debian Release: wheezy/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1,
'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 3.2.0-3-grsec-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
--- End Message ---
--- Begin Message ---
Source: fckeditor
Source-Version: 1:2.6.6-3
We believe that the bug you reported is fixed in the latest version of
fckeditor, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Frank Habermann <[email protected]> (supplier of updated fckeditor package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Fri, 03 Aug 2012 23:04:00 +0200
Source: fckeditor
Binary: fckeditor
Architecture: source all
Version: 1:2.6.6-3
Distribution: unstable
Urgency: high
Maintainer: Frank Habermann <[email protected]>
Changed-By: Frank Habermann <[email protected]>
Description:
fckeditor - rich text format javascript web editor
Closes: 683418
Changes:
fckeditor (1:2.6.6-3) unstable; urgency=high
.
* fixed XSS vulnerability in spellchecker (Closes: #683418) [CVE-2012-4000]
Checksums-Sha1:
51f49ae0838a5c36c63d7b48fd8cf617dd5a67f6 1709 fckeditor_2.6.6-3.dsc
1a0833522c9ca4835fe60e1f2e98158d512f43c2 4685 fckeditor_2.6.6-3.diff.gz
0ee915247630aa197d7931abd2a470da844cba2e 990364 fckeditor_2.6.6-3_all.deb
Checksums-Sha256:
3f1d8569efba6e4445d7dca3a453af032492c081f37cab95088550520fbbb640 1709
fckeditor_2.6.6-3.dsc
51975c15413c36780c23950bfb80c8ec6f18b7961d2ff6002c49c81b8017397a 4685
fckeditor_2.6.6-3.diff.gz
6b8f516266d2a6be8b452ccae85416cf6c88f342b691b93853291b08a592f280 990364
fckeditor_2.6.6-3_all.deb
Files:
3ae4ffa84565e319b7942beb75921c00 1709 web optional fckeditor_2.6.6-3.dsc
37014bd9def8986cfc0b026567f1e932 4685 web optional fckeditor_2.6.6-3.diff.gz
637c316234f8dbdf5f251b38f4f4fc82 990364 web optional fckeditor_2.6.6-3_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQIcBAEBAgAGBQJQHD1xAAoJECnja5oB7TrHMekP/3vDS8VHwJM0HNDa+jR5w5rp
ZQhVPZv7c+K5eDK7PAntZvsjQ+3VubbOPcIwu+eKsd9YfVtAXrAQ+JTPHItHwSwn
Qrqw9eLOhHmxz/xVZqJIqWzUcmdTDEDQRRreiPmET0p2gMUY97YNkkfqpw39wQcB
4HvuRcQshGGn3DWQ9oVZe1YYLWQeWIIBRaTrS1ascQ+3S27LCO3EqtcsaGlmik9F
UaGug3vt5/bHW7cNBK3xSgzcwwgaRPKTujM5s3cOlDQ4fpLYa/M3g+IckwsAE63I
wfX9G6pPeW5YihYJtpbIyax6DKNEgJvRbqmYe4LkNaKMdH/SqYQqC8SV2ou1mWeX
P3WpSq6lxNdrMQUtYsnBic7hTVvQkUl/D1bFSGaspQlkJ18nDmpMVp0hRLN7r1sf
s8xGadd7Qo1+oaDECv4e2QFdkyxplonsNRtx7Oc9j2XwiLpj83bZ0rMN2A1QdUx0
cYfge3+Bkno1jQ/WJHfudJcGWzjixbuWpmRSxWHCTcYfGUvWfBbks0e2x3vaIPz/
/HBdRYeJamkYzIedJNEeHCN7b2chXuOCAPGtceU5LPoL0OSm+nPIwBEZ5ajGdJfu
ws1YciYaE4sftXGefr5gn6cmKWnywy+cmb3G8XFXqEOTBYpK9ILTxn7l9HtTpdx1
/z6K2Fq62bjqAqeP6SA0
=6wAN
-----END PGP SIGNATURE-----
--- End Message ---
