Your message dated Tue, 01 Nov 2005 06:17:10 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#331732: fixed in acidlab 0.9.6b20-13
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at maintonly) by bugs.debian.org; 4 Oct 2005 23:40:04 +0000
>From [EMAIL PROTECTED] Tue Oct 04 16:40:04 2005
Return-path: <[EMAIL PROTECTED]>
Received: from kitenet.net [64.62.161.42] (postfix)
by spohr.debian.org with esmtp (Exim 3.36 1 (Debian))
id 1EMwOB-0004I3-00; Tue, 04 Oct 2005 16:40:03 -0700
Received: by kitenet.net (Postfix, from userid 500)
id BF85C17F72; Tue, 4 Oct 2005 23:40:03 +0000 (GMT)
To: [EMAIL PROTECTED]
Subject: acidlab depends on debconf without | debconf-2.0 alternate; blocks
cdebconf transition
Message-Id: <[EMAIL PROTECTED]>
Date: Tue, 4 Oct 2005 23:40:03 +0000 (GMT)
From: [EMAIL PROTECTED] (Joey Hess)
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE
autolearn=no version=2.60-bugs.debian.org_2005_01_02
Package: acidlab
This package depends/pre-depends on debconf without allowing the dependency
to be satisfied with an alternate of debconf-2.0. That is to say, its
dependency should read: debconf | debconf-2.0
Until this is fixed, it is impossible to use this package with cdebconf,
and very hard to impossible to install cdebconf at all.
debconf-2.0 was added to policy as a virtual package in 2002 and has been
provided by debconf since 2003. In early 2004, dh_installdebconf began
automatically adding it as an alternate to debconf in dependencies it
generates for packages using debhelper. So if you're using a current
version of debhelper you should only need to rebuild your package and
review it. If you are not using debhelper, make sure the dependency is
modified to allow debconf-2.0 to satisfy it.
This bug report was filed by semiautomated means after a trio of posts to
the debian-devel mailing list, and you have probably also received a bcced
mail about the issue before. If your package's dependencies are correct and
it really has some valid reason to depend on debconf alone, please reassign
this bug report to cdebconf with an explanation of what debconf feature
your package depends on, so it can be reimplemented in cdebconf.
---------------------------------------
Received: (at 331732-close) by bugs.debian.org; 1 Nov 2005 14:17:34 +0000
>From [EMAIL PROTECTED] Tue Nov 01 06:17:34 2005
Return-path: <[EMAIL PROTECTED]>
Received: from katie by spohr.debian.org with local (Exim 3.36 1 (Debian))
id 1EWwwo-0005z0-00; Tue, 01 Nov 2005 06:17:10 -0800
From: Javier Fernandez-Sanguino Pen~a <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.56 $
Subject: Bug#331732: fixed in acidlab 0.9.6b20-13
Message-Id: <[EMAIL PROTECTED]>
Sender: Archive Administrator <[EMAIL PROTECTED]>
Date: Tue, 01 Nov 2005 06:17:10 -0800
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
Source: acidlab
Source-Version: 0.9.6b20-13
We believe that the bug you reported is fixed in the latest version of
acidlab, which is due to be installed in the Debian FTP archive:
acidlab-doc_0.9.6b20-13_all.deb
to pool/main/a/acidlab/acidlab-doc_0.9.6b20-13_all.deb
acidlab-mysql_0.9.6b20-13_all.deb
to pool/main/a/acidlab/acidlab-mysql_0.9.6b20-13_all.deb
acidlab-pgsql_0.9.6b20-13_all.deb
to pool/main/a/acidlab/acidlab-pgsql_0.9.6b20-13_all.deb
acidlab_0.9.6b20-13.diff.gz
to pool/main/a/acidlab/acidlab_0.9.6b20-13.diff.gz
acidlab_0.9.6b20-13.dsc
to pool/main/a/acidlab/acidlab_0.9.6b20-13.dsc
acidlab_0.9.6b20-13_all.deb
to pool/main/a/acidlab/acidlab_0.9.6b20-13_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Javier Fernandez-Sanguino Pen~a <[EMAIL PROTECTED]> (supplier of updated
acidlab package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sun, 30 Oct 2005 22:05:35 +0100
Source: acidlab
Binary: acidlab-doc acidlab-pgsql acidlab acidlab-mysql
Architecture: source all
Version: 0.9.6b20-13
Distribution: unstable
Urgency: high
Maintainer: Jeremy T. Bouse <[EMAIL PROTECTED]>
Changed-By: Javier Fernandez-Sanguino Pen~a <[EMAIL PROTECTED]>
Description:
acidlab - Analysis Console for Intrusion Databases
acidlab-doc - Analysis Console for Intrusion Databases (documentation)
acidlab-mysql - Analysis Console for Intrusion Databases for MySQL
acidlab-pgsql - Analysis Console for Intrusion Databases for Postgres
Closes: 155212 247730 270171 303217 307712 314566 315135 331732
Changes:
acidlab (0.9.6b20-13) unstable; urgency=high
.
* Patch [013] SECURITY fix:
- Add proper filtering in all ImportHTTP variables using either the new
functions to check for numeric/alphanumeric chars or the filterSql()
function to prevent SQL injection attacks. This patch fixes CVE-2005-3325
but also other attack vectors not mentioned in the initial advisory
(http://www.frsirt.com/english/advisories/2005/2188)
* Patch [014] Updated dates of php selections up to 2007
* Changed patch [010]: fix locations of Nessus
* New patch [015]: fix location of Snort database, provided alternative
Ports lookup and added alternative locations for DNS queries (Closes:
#315135)
* Fixed FSF address in debian/copyright
* Patch [016]: Allow graphic data to be represented until 2007. This patch
together with patch [014] means that acid's last date is 2007 which should
be
enough since we are going to replace it with BASE in the short term
(Closes: #314566, #307712, #303217, #270171)
* Document the changes that need to be done in order to extend the available
year options (Closes: #247730)
* Added a debian/TODO to describe how to fix the issue with new years with a
simple for each loop.
* Acidlab now depends on "| debconf-2.0" as requested by Joey Hess, I
changed debian/packages instead of debian/control this time (Closes:
#331732)
* To reduce the risk of possible vulnerabilities in the code, made the
default apache.conf allow access only from localhost and document this in
the README file
* Document the fact that this version is actually 0.9.6b20+patches from the
latest upstream release 0.9.6b23 and that the later will never be
released. (Closes: #155212)
* Added the upstream homepage to all package descriptions.
Files:
738b1a585919b2b924e24fbb34ce3be7 840 web extra acidlab_0.9.6b20-13.dsc
7b39c7253ad82010d391af41e4c97d14 354649 web extra acidlab_0.9.6b20-13.diff.gz
379034fb2cff2fdfa89544ed970337ed 5212 web extra
acidlab-mysql_0.9.6b20-13_all.deb
9ef04ab7465ea79030e1a0730162dd8c 5212 web extra
acidlab-pgsql_0.9.6b20-13_all.deb
70d81053834bee5af9efe9a47a2b2b69 276742 web extra
acidlab-doc_0.9.6b20-13_all.deb
2a3bc0f45d4b6f7afbdc760715676563 663152 web extra acidlab_0.9.6b20-13_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iQCVAwUBQ2dxS/tEPvakNq0lAQI/TAQAqHql26lFMOqn1tMtptBx3NB8fO/UwSSq
Mvr/eQHkw6b1g3ep3P5EwMh7pPzVHphUVsV8HFUXCRcYWllxYS99bir7mNWrJmvh
eoBowIV/siRUUdZrNrrDQLbDW7ACgW05yE9yBBbHNw4cp9hVTbBVE1GWZv6BK6wJ
kn3TycSBiQc=
=fuif
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
