Your message dated Sat, 28 Feb 2015 11:04:32 +0000 with message-id <[email protected]> and subject line Bug#776922: fixed in vsftpd 3.0.2-18 has caused the Debian Bug report #776922, regarding [CVE-2015-1419] Unspecified vulnerability in vsftp 3.0.2 and earlier allows remote ... to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 776922: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776922 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: vsftpd Version: 3.0.2-17 Severity: important Tags: security upstream Hi there, The following vulnerability was published http://seclists.org/oss-sec/2015/q1/389 If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. Please adjust the affected versions in the BTS as needed. Regards, luciano
--- End Message ---
--- Begin Message ---Source: vsftpd Source-Version: 3.0.2-18 We believe that the bug you reported is fixed in the latest version of vsftpd, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Jörg Frings-Fürst <[email protected]> (supplier of updated vsftpd package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Tue, 24 Feb 2015 16:42:25 +0100 Source: vsftpd Binary: vsftpd vsftpd-dbg Architecture: source amd64 Version: 3.0.2-18 Distribution: unstable Urgency: high Maintainer: Jörg Frings-Fürst <[email protected]> Changed-By: Jörg Frings-Fürst <[email protected]> Description: vsftpd - lightweight, efficient FTP server written for security vsftpd-dbg - lightweight, efficient FTP server written for security (debug) Closes: 776922 Changes: vsftpd (3.0.2-18) unstable; urgency=high . * New debian/patches/0050-CVE-2015-1419.patch - Fix config option "deny_file" not always being handled correctly CVE-2015-1419 (Closes: #776922). - Thanks to Marcus Meissner. * Add year 2015 to debian/copyright. * debian/rules: - Remove override_dh_builddeb because xz compression is standard now. * debian/patches: - Refresh 0002-config.patch, 0004-link-local.patch, 0005-whitespaces.patch, 0006-greedy.patch, 0007-utf8.patch, 0010-remote-dos.patch, 0011-alpha.patch. * Remove debian/source/options because xz compression is standard now. * debian/vsftpd.postrm: - Remove systemd files and directories when purging. Checksums-Sha1: b8c5daa646b06b1dd486d7bc4fc2716749685abb 1957 vsftpd_3.0.2-18.dsc 69a609a9a39a7952fdffb70abfb2bcbbb2df285e 152756 vsftpd_3.0.2.orig.tar.xz edc22ba3ccbdd2c235db04fd007235b2f60cdac2 31392 vsftpd_3.0.2-18.debian.tar.xz 601a41328cf6c6db8e33fff42d289f8b7eaf35db 150762 vsftpd_3.0.2-18_amd64.deb fedd7445e537b5c3bcbd5249326db45b8f4ef447 222028 vsftpd-dbg_3.0.2-18_amd64.deb Checksums-Sha256: 5f1c4e41a36051f30acba49f3efedad9dcfe3e7a435d0700695cbdba8bbcb037 1957 vsftpd_3.0.2-18.dsc b19b19125925d307f713853e59df98c9bccae0279b22df1c586fb608363f7cd1 152756 vsftpd_3.0.2.orig.tar.xz c2ab39ac3641ac2cfd23613ea6a8e80bc4f9dfe93ff78519ef3d2e28c81b556b 31392 vsftpd_3.0.2-18.debian.tar.xz fe2d430fa78b46654520f2eabccb525cb292a9ec7ce0aa820c5f46f8e2ef91b6 150762 vsftpd_3.0.2-18_amd64.deb ef25660002f28c54cdaf5f91898a8755ba3d6f4178d45a044c67f8023699e58e 222028 vsftpd-dbg_3.0.2-18_amd64.deb Files: c7eace8de9ad5d86ef8133772ee61bfc 1957 net extra vsftpd_3.0.2-18.dsc 24f83e528020c847777d5030d0ec15fe 152756 net extra vsftpd_3.0.2.orig.tar.xz 179af9ececb340e1cc692a499d8f4bf0 31392 net extra vsftpd_3.0.2-18.debian.tar.xz eeaf29b0de276f50965369f8c919c8de 150762 net extra vsftpd_3.0.2-18_amd64.deb 7baed323460ac12e70adf791e56fbe12 222028 debug extra vsftpd-dbg_3.0.2-18_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJU8Z/1AAoJEHQmOzf1tfkTfr4QAK8yXXDKYo92iJAMHcHsM0K2 hyZJk/L+Hxe0NsWRn3e0MDhRLMFg5dhYS9bmjEKkqAXg/rfa4mRFP2PUna+Pdsh8 aIXpHLvMu5hLnc0PCudpluq+tF8yusSREUrKBPsM6MfKuMG7Yz+qh4VrhmRrzehb 5a+DUnakE29HQJekXPWEy2lec/tfl7AZSDDdUHIYEUU412EYNnKPHOTOcxwEnVfw lqhiAON6R0108r0peRyUnNE9ChITI2U8Ts/O7gECszd0jKEvfqPKdUqBN1OIX0FK 9tt2pBSZfpxfvS6Hn/6GFWfR/XS8JB3G0GyPyIPbq+A731Ih8CG1SFyp9blgspbP tboa+0gJ+BTTnHrLpHRC5e1TjsDg/Hvh9JDUuAVMtzhCmH1kmgUm6pvvxgFV9/Md DFWCktXtM7h0SYPNwxrd+KPO88cfDwOdqQa1RVaotqoSocDrg0/AX4gvgkfXkKuW 8MZNWkDAbXa13oTE6c2cA6cRT+XV+K47P2Xa0GqQCrcOpalmmGwOo3ShY59dxRnT AuT5CMb/P+Bdk15TdU8rE3QWynDKqJs3lqG3bynvN2KpdDTr4W6tsYHaXvURouFi YmPLrH1Vk1u8/PUmmomVB7/7w+GA4GRnNDT+Nx0N9fWGn8mVAF82Tnh2iOQaWj97 1n/2i+CbxffuDxA0i7IV =scAK -----END PGP SIGNATURE-----
--- End Message ---
