Your message dated Sat, 24 Dec 2005 09:47:11 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#342943: fixed in kronolith2 2.0.6-1
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 11 Dec 2005 21:00:16 +0000
>From [EMAIL PROTECTED] Sun Dec 11 13:00:16 2005
Return-path: <[EMAIL PROTECTED]>
Received: from inutil.org ([193.22.164.111]
helo=vserver151.vserver151.serverflex.de)
by spohr.debian.org with esmtp (Exim 4.50)
id 1ElYIp-0001mC-Tp
for [EMAIL PROTECTED]; Sun, 11 Dec 2005 13:00:16 -0800
Received: from dslb-082-083-202-120.pools.arcor-ip.net ([82.83.202.120]
helo=localhost.localdomain)
by vserver151.vserver151.serverflex.de with esmtpsa
(TLS-1.0:RSA_AES_256_CBC_SHA:32)
(Exim 4.50)
id 1ElYIo-0002l4-P5
for [EMAIL PROTECTED]; Sun, 11 Dec 2005 22:00:14 +0100
Received: from jmm by localhost.localdomain with local (Exim 4.60)
(envelope-from <[EMAIL PROTECTED]>)
id 1ElYIT-0001zY-Os; Sun, 11 Dec 2005 21:59:53 +0100
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Moritz Muehlenhoff <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: kronolith: Several Cross-Site-Scripting vulnerabilities
Message-ID: <[EMAIL PROTECTED]>
X-Mailer: reportbug 3.18
Date: Sun, 11 Dec 2005 21:59:53 +0100
X-Debbugs-Cc: Debian Security Team <[EMAIL PROTECTED]>
X-SA-Exim-Connect-IP: 82.83.202.120
X-SA-Exim-Mail-From: [EMAIL PROTECTED]
X-SA-Exim-Scanned: No (on vserver151.vserver151.serverflex.de); SAEximRunCond
expanded to false
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-10.5 required=4.0 tests=BAYES_00,HAS_PACKAGE,
RCVD_IN_SORBS,X_DEBBUGS_CC autolearn=ham
version=2.60-bugs.debian.org_2005_01_02
Package: kronolith
Severity: important
Tags: security
Several cross-site-scripting vulnerabilities have been found in
Kronolith. Please see
http://lists.horde.org/archives/announce/2005/000234.html for
details. It's been fixed upstream in 2.0.5
Cheers,
Moritz
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.14-2-686
Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15)
---------------------------------------
Received: (at 342943-close) by bugs.debian.org; 24 Dec 2005 17:51:13 +0000
>From [EMAIL PROTECTED] Sat Dec 24 09:51:13 2005
Return-path: <[EMAIL PROTECTED]>
Received: from katie by spohr.debian.org with local (Exim 4.50)
id 1EqDU7-0000gz-UG; Sat, 24 Dec 2005 09:47:11 -0800
From: Jose Carlos Medeiros <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.65 $
Subject: Bug#342943: fixed in kronolith2 2.0.6-1
Message-Id: <[EMAIL PROTECTED]>
Sender: Archive Administrator <[EMAIL PROTECTED]>
Date: Sat, 24 Dec 2005 09:47:11 -0800
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
Source: kronolith2
Source-Version: 2.0.6-1
We believe that the bug you reported is fixed in the latest version of
kronolith2, which is due to be installed in the Debian FTP archive:
kronolith2_2.0.6-1.diff.gz
to pool/main/k/kronolith2/kronolith2_2.0.6-1.diff.gz
kronolith2_2.0.6-1.dsc
to pool/main/k/kronolith2/kronolith2_2.0.6-1.dsc
kronolith2_2.0.6-1_all.deb
to pool/main/k/kronolith2/kronolith2_2.0.6-1_all.deb
kronolith2_2.0.6.orig.tar.gz
to pool/main/k/kronolith2/kronolith2_2.0.6.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Jose Carlos Medeiros <[EMAIL PROTECTED]> (supplier of updated kronolith2
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Wed, 14 Dec 2005 11:48:55 -0200
Source: kronolith2
Binary: kronolith2
Architecture: source all
Version: 2.0.6-1
Distribution: unstable
Urgency: low
Maintainer: Horde Maintainers <[EMAIL PROTECTED]>
Changed-By: Jose Carlos Medeiros <[EMAIL PROTECTED]>
Description:
kronolith2 - calendar component for Horde Framework
Closes: 342943
Changes:
kronolith2 (2.0.6-1) unstable; urgency=low
.
* New upstream release.
* This release solved "Several Cross-Site-Scripting vulnerabilities"
(CVE-2005-4189). (closes: #342943)
* Set Maintainer to Debian Horde Team.
Files:
3a1bac1c03d5d24a8dc8e68e86ba14b2 742 web optional kronolith2_2.0.6-1.dsc
c0c6bad037911ef689bc4f4da5be0047 1300965 web optional
kronolith2_2.0.6.orig.tar.gz
dd2d00eeb7eea4e50d1cd4466a2109ec 4675 web optional kronolith2_2.0.6-1.diff.gz
b9aef4083f8c120df1175f50d01006e5 1311318 web optional
kronolith2_2.0.6-1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iEYEARECAAYFAkOthv0ACgkQscRzFz57S3P1YwCeMQsXXSES09ks62UDxDownE5a
VPAAoKs964M+4r/S5jkwDvQ1ZXCvQaGQ
=oARZ
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
