Your message dated Sat, 24 Dec 2005 04:17:05 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#344241: fixed in debsecan 0.3
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 21 Dec 2005 03:00:30 +0000
>From [EMAIL PROTECTED] Tue Dec 20 19:00:30 2005
Return-path: <[EMAIL PROTECTED]>
Received: from washoe.rutgers.edu ([165.230.95.67])
by spohr.debian.org with esmtp (Exim 4.50)
id 1EouDI-000330-9Y
for [EMAIL PROTECTED]; Tue, 20 Dec 2005 19:00:26 -0800
Received: from ool-43526777.dyn.optonline.net ([67.82.103.119] helo=localhost)
by washoe.rutgers.edu with esmtpsa (TLS-1.0:RSA_AES_256_CBC_SHA1:32)
(Exim 4.54)
id 1EouCl-0007YD-5J
for [EMAIL PROTECTED]; Tue, 20 Dec 2005 21:59:52 -0500
Received: from yoh by localhost with local (Exim 4.54)
id 1EouDH-0002i4-05
for [EMAIL PROTECTED]; Tue, 20 Dec 2005 22:00:23 -0500
From: Yaroslav Halchenko <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: debsecan: not sure -- probably open issue is reported "fixed"
X-Debbugs-CC: Yaroslav Halchenko <[EMAIL PROTECTED]>
Message-Id: <[EMAIL PROTECTED]>
Date: Tue, 20 Dec 2005 22:00:23 -0500
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-10.5 required=4.0 tests=BAYES_00,HAS_PACKAGE,
RCVD_IN_SORBS,X_DEBBUGS_CC autolearn=ham
version=2.60-bugs.debian.org_2005_01_02
Package: debsecan
Version: 0.2
Severity: normal
First of all let me thank you for the package. I was thinking about
hacking up something like that myself but always postponed the project
until later on. So thank you very much -- now you've got an active
user/tester thus you might get an increase in the amount of bug
reports :-)
On my first try of the package I've decided to do full system
"security upgrade", so I ran
>apt-get install $(debsecan --suite sid --format packages --only-fixed)
and it gave me:
cpio is already the newest version.
libnetpbm10 is already the newest version.
libnetpbm9 is already the newest version.
linux-image-2.6.12-1-386 is already the newest version.
netpbm is already the newest version.
I decided to look closer onto cpio package:
> dpkg -l cpio
ii cpio 2.6-9 GNU cpio -- a program to manage archives of
>debsecan --suite sid --format summary --only-fixed | grep cpio
CVE-2005-4268 cpio (fixed)
http://idssi.enyo.de/tracker/source-package/cpio
lists CVE-2005-4268 among "open issues" and the other resolved issues
are covered by 2.6-9, thus nothing really has to be upgraded
Please let me know if more details necessary
Also it would be helpful to track the issue if there was at least some
optional debugging output (such vulnerabilities for package X are
found, this this and that one are fixed, etc depending on the logic of
debsecan)
Thanks once again for a nice tool
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (600, 'unstable'), (300, 'experimental')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.13-mm1
Locale: LANG=ru_RU.KOI8-R, LC_CTYPE=ru_RU.KOI8-R (charmap=KOI8-R)
Versions of packages debsecan depends on:
ii python 2.3.5-3 An interactive high-level object-o
debsecan recommends no packages.
-- no debconf information
--Yarik
---------------------------------------
Received: (at 344241-close) by bugs.debian.org; 24 Dec 2005 12:20:54 +0000
>From [EMAIL PROTECTED] Sat Dec 24 04:20:54 2005
Return-path: <[EMAIL PROTECTED]>
Received: from katie by spohr.debian.org with local (Exim 4.50)
id 1Eq8Kf-0004Lg-Ec; Sat, 24 Dec 2005 04:17:05 -0800
From: Florian Weimer <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.65 $
Subject: Bug#344241: fixed in debsecan 0.3
Message-Id: <[EMAIL PROTECTED]>
Sender: Archive Administrator <[EMAIL PROTECTED]>
Date: Sat, 24 Dec 2005 04:17:05 -0800
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
Source: debsecan
Source-Version: 0.3
We believe that the bug you reported is fixed in the latest version of
debsecan, which is due to be installed in the Debian FTP archive:
debsecan_0.3.dsc
to pool/main/d/debsecan/debsecan_0.3.dsc
debsecan_0.3.tar.gz
to pool/main/d/debsecan/debsecan_0.3.tar.gz
debsecan_0.3_all.deb
to pool/main/d/debsecan/debsecan_0.3_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Florian Weimer <[EMAIL PROTECTED]> (supplier of updated debsecan package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Fri, 23 Dec 2005 15:35:46 +0100
Source: debsecan
Binary: debsecan
Architecture: source all
Version: 0.3
Distribution: unstable
Urgency: low
Maintainer: Florian Weimer <[EMAIL PROTECTED]>
Changed-By: Florian Weimer <[EMAIL PROTECTED]>
Description:
debsecan - Debian Security Analyzer
Closes: 344241
Changes:
debsecan (0.3) unstable; urgency=low
.
* Support package pinning.
* The --suite option is no longer mandatory.
* When the user selected a specific suite, flag packages which have been
removed as obsolete. Closes: #344241.
Files:
b07c35d6e02d2bcb334fbda25a645481 783 admin optional debsecan_0.3.dsc
2eaa70fac87d2bf0a0484b40b458db9a 40579 admin optional debsecan_0.3.tar.gz
54184733c371cba21a81be6fd6c26773 14478 admin optional debsecan_0.3_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iQEVAwUBQ6xSS797/wQC1SS+AQK53gf+KergCBHMPHj/g3ytSxkrPacVmOo7e4gx
1kLsAg3cKt7rgbXy1mK1IybhDaQ9JhEhTw4vsHrv5805G5KbYeFHHCWqZMqz1o77
AfKtOSLtlO9sA+m5wgEE5NAchyS0y1UNmu5U7TBNAGpGH0Td48FuC5OioXMU8chX
abBAkKjK06krAc8sra0l3Xh/d77nrxwEycnWtFo904tvtg3h1Y6Xjjl9XGJYGOum
G0bKx4F+A7iXlbSWAZ9hJzupVqpxBhsP45/Oat73VbFizBIClExW1jRPlBWM3dgp
KxecDR/iBBokh8Jl1JGq54C8bGX+53EWBqOzbWmuneGuHUp9UVkUjA==
=1/wL
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]