Your message dated Fri, 18 Mar 2016 12:00:44 +0000
with message-id <[email protected]>
and subject line Bug#789543: fixed in openhpi 3.6.1-1
has caused the Debian Bug report #789543,
regarding CVE-2015-3248
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
789543: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=789543
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: openhpi
Severity: important
Tags: security
Please see https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-3248
On Debian /var/lib/openhpi/ isn't world-writable, but still
world-readable. Can you investigate whether that's a real issue
or otherwise mitigated in the Debian packagin?
Cheers,
Moritz
--- End Message ---
--- Begin Message ---
Source: openhpi
Source-Version: 3.6.1-1
We believe that the bug you reported is fixed in the latest version of
openhpi, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Bryan Sutula <[email protected]> (supplier of updated openhpi package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 15 Mar 2016 22:11:14 -0500
Source: openhpi
Binary: libopenhpi3 libopenhpi-dev openhpid openhpi-clients
openhpi-plugin-ilo2-ribcl openhpi-plugin-ipmi openhpi-plugin-ipmidirect
openhpi-plugin-oa-soap openhpi-plugin-slave openhpi-plugin-test-agent
openhpi-plugin-snmp-bc openhpi-plugin-sysfs openhpi-plugin-watchdog
openhpi-plugin-simulator openhpi-plugin-dynamic-simulator openhpi
libopenhpi3-dbgsym openhpid-dbgsym openhpi-clients-dbgsym
openhpi-plugin-ilo2-ribcl-dbgsym openhpi-plugin-ipmi-dbgsym
openhpi-plugin-ipmidirect-dbgsym openhpi-plugin-oa-soap-dbgsym
openhpi-plugin-slave-dbgsym openhpi-plugin-test-agent-dbgsym
openhpi-plugin-snmp-bc-dbgsym openhpi-plugin-sysfs-dbgsym
openhpi-plugin-watchdog-dbgsym openhpi-plugin-simulator-dbgsym
openhpi-plugin-dynamic-simulator-dbgsym
Architecture: source amd64 all
Version: 3.6.1-1
Distribution: unstable
Urgency: medium
Maintainer: Bryan Sutula <[email protected]>
Changed-By: Bryan Sutula <[email protected]>
Description:
libopenhpi-dev - OpenHPI libraries (development files)
libopenhpi3 - OpenHPI libraries (runtime and support files)
libopenhpi3-dbgsym - Debug symbols for libopenhpi3 library
openhpi - SAF's HPI: Abstracted interface for managing computer hardware
openhpi-clients - OpenHPI example client programs
openhpi-clients-dbgsym - Debug symbols for OpenHPI example client programs.
openhpi-plugin-dynamic-simulator - OpenHPI plugin module for the dynamic
simulator.
openhpi-plugin-dynamic-simulator-dbgsym - Debug symbols for OpenHPI plugin
module for the dynamic
openhpi-plugin-ilo2-ribcl - OpenHPI plugin module for HP's ProLiant rackmount
servers
openhpi-plugin-ilo2-ribcl-dbgsym - Debug symbols for OpenHPI plugin module for
HP's ProLiant
openhpi-plugin-ipmi - OpenHPI plugin module for OpenIPMI
openhpi-plugin-ipmi-dbgsym - Debug symbols for OpenHPI plugin module for
OpenIPMI.
openhpi-plugin-ipmidirect - OpenHPI plugin module for direct IPMI over LAN
(RMCP) or SMI
openhpi-plugin-ipmidirect-dbgsym - Debug symbols for OpenHPI plugin module for
direct IPMI over
openhpi-plugin-oa-soap - OpenHPI plugin module for HP's BladeSystem c-Class
openhpi-plugin-oa-soap-dbgsym - Debug symbols for OpenHPI plugin module for
HP's BladeSystem
openhpi-plugin-simulator - OpenHPI plugin module for the simulator to work
without hardware.
openhpi-plugin-simulator-dbgsym - Debug symbols for OpenHPI plugin module for
simulator.
openhpi-plugin-slave - OpenHPI plugin module for slave plugin
openhpi-plugin-slave-dbgsym - Debug symbols for OpenHPI plugin module for
slave plugin.
openhpi-plugin-snmp-bc - OpenHPI plugin module for IBM's BladeCenter or RSA
over SNMP
openhpi-plugin-snmp-bc-dbgsym - Debug symbols for OpenHPI plugin module for
IBM's BladeCenter
openhpi-plugin-sysfs - OpenHPI plugin module for the sysfs filesystem
openhpi-plugin-sysfs-dbgsym - Debug symbols for OpenHPI plugin module for the
sysfs filesystem.
openhpi-plugin-test-agent - OpenHPI plugin module for test agent plugin
openhpi-plugin-test-agent-dbgsym - Debug symbols for OpenHPI plugin module for
test agent plugin.
openhpi-plugin-watchdog - OpenHPI plugin module for the Linux watchdog
interface
openhpi-plugin-watchdog-dbgsym - Debug symbols for OpenHPI plugin module for
the Linux watchdog
openhpid - OpenHPI daemon, supports gathering of manageability information
openhpid-dbgsym - Debug symbols package for OpenHPI daemon. See openhpid
Closes: 752453 785287 789543
Changes:
openhpi (3.6.1-1) unstable; urgency=medium
.
* Updated to upstream 3.6.1 version; differences listed at
http://openhpi.org/News
* Major changes: bug fixes, dynamic simulator plugin
* Changes to take care of new ssl, glib etc
* Major credit for this upload to Mohan Devarajulu <[email protected]>
* Fixed security bug CVE-2015-3248 (Closes: #789543)
* Run dh-autoreconf to update config (Closes: #752453)
* Added systemd control file (Closes: #785287)
Checksums-Sha1:
f751e96bd0b987ab9f9b8bad5c641882e20a0d04 4309 openhpi_3.6.1-1.dsc
142ea4b7602cf14877c792e4eba0c29928ee6771 7076533 openhpi_3.6.1.orig.tar.gz
f1530d97974ea9370a5a35e6d1c915cb4c12fea7 15484 openhpi_3.6.1-1.debian.tar.xz
b5b4d484caa5c4e00274da9c9b9d177f197ffd98 911770
libopenhpi-dev_3.6.1-1_amd64.deb
b5f71a222a0a52dbbae5a48b688999dcfb8c0764 26364
libopenhpi3-dbgsym_3.6.1-1_amd64.deb
26ec3ecf5ada0dff35405b7bf2daa7425adfcb0d 152462 libopenhpi3_3.6.1-1_amd64.deb
22f786690ece8e528fc9a95d500ae36de463e3a3 26358
openhpi-clients-dbgsym_3.6.1-1_amd64.deb
297fb1c68d4d30c588360b00f14ec154f4daafce 231654
openhpi-clients_3.6.1-1_amd64.deb
6e674e05941952f280a1c9305ae4b5e3d9f15348 26410
openhpi-plugin-dynamic-simulator-dbgsym_3.6.1-1_amd64.deb
674640819e2ee1541c129fbc53b99dcb04ada5c4 113896
openhpi-plugin-dynamic-simulator_3.6.1-1_amd64.deb
97550d309b575c9c9409e06a76955146c60cb442 26414
openhpi-plugin-ilo2-ribcl-dbgsym_3.6.1-1_amd64.deb
1f80b711fdd13e98bb52534d3e899b181904c5fe 346776
openhpi-plugin-ilo2-ribcl_3.6.1-1_amd64.deb
4033451f1e817216609c3d03eb50b607d89deae5 26390
openhpi-plugin-ipmi-dbgsym_3.6.1-1_amd64.deb
9391fea76939ccae1d6453d183a6b25a7bfc1567 110870
openhpi-plugin-ipmi_3.6.1-1_amd64.deb
6776ea27545ac67b8ea273ab1cef2a6d92099bfa 26416
openhpi-plugin-ipmidirect-dbgsym_3.6.1-1_amd64.deb
32fef3b3d604225a91ec74c13280ee2bc7324d37 141232
openhpi-plugin-ipmidirect_3.6.1-1_amd64.deb
bd98faa3116ff54fb80fc502669e0bf2b8b84716 26404
openhpi-plugin-oa-soap-dbgsym_3.6.1-1_amd64.deb
b06b548cf3c84621ab8ebca0731757630a83a66a 889684
openhpi-plugin-oa-soap_3.6.1-1_amd64.deb
10c79d62918455fedb26f4e4e83a810d8b56633b 26392
openhpi-plugin-simulator-dbgsym_3.6.1-1_amd64.deb
aba8d3cdbdc4ea8349ffe6bb8883bdb771e39f5a 47016
openhpi-plugin-simulator_3.6.1-1_amd64.deb
6f17e055128681cf80c8e2b74c5f50c72da96ed3 26392
openhpi-plugin-slave-dbgsym_3.6.1-1_amd64.deb
995fd755c602eba83b0a9ee7434d71bc5cb3bc56 43666
openhpi-plugin-slave_3.6.1-1_amd64.deb
b141bec46c45f1823d8e68940a7a1627494dbafe 26414
openhpi-plugin-snmp-bc-dbgsym_3.6.1-1_amd64.deb
d44e67217121d96704756c4577e06cea68eb0a9e 853852
openhpi-plugin-snmp-bc_3.6.1-1_amd64.deb
7950534e4cd6db13cf7b306684dcd4f805f8d500 26396
openhpi-plugin-sysfs-dbgsym_3.6.1-1_amd64.deb
f04993ffa6c9482491f25b0b5c8a7e1e585b32d6 32420
openhpi-plugin-sysfs_3.6.1-1_amd64.deb
07275ef7574e32e77ffc03bfdcca3b46741954dc 26396
openhpi-plugin-test-agent-dbgsym_3.6.1-1_amd64.deb
5a28303b252b38f1e9572ac4347ce437360fc80a 119554
openhpi-plugin-test-agent_3.6.1-1_amd64.deb
e2eac9f1c78f07802f7db5513e278ff54667eaeb 26404
openhpi-plugin-watchdog-dbgsym_3.6.1-1_amd64.deb
5a43494835bb6ef19aed4dea6ae4dcfc7a0da400 31128
openhpi-plugin-watchdog_3.6.1-1_amd64.deb
809631af1e187909add87fca11b815aa75c1c80e 26998 openhpi_3.6.1-1_all.deb
db0d532f89fead3c1095d7b1be67e50f52358ef8 26342
openhpid-dbgsym_3.6.1-1_amd64.deb
8042d13cd1ed3cd737f6d1b7311125dad74a053c 87756 openhpid_3.6.1-1_amd64.deb
Checksums-Sha256:
a084a50c75c409cdb7037cda8c74451114ca8d826e70c84df190c1f101628879 4309
openhpi_3.6.1-1.dsc
dc4fdb6b4cd7fd502620466b3f817de0719038ef851b7e0ffc4550ded1b986a7 7076533
openhpi_3.6.1.orig.tar.gz
c14b624ba8c19515b7bf646410f240b16e6680fd781d1d6b7d1894c14a3e3661 15484
openhpi_3.6.1-1.debian.tar.xz
1d03efb41de54a96d8139ea9c85781db0b43c7c80cece859291a186fdccb62e1 911770
libopenhpi-dev_3.6.1-1_amd64.deb
bfd6e544af3a98aec56cd34b53724bebc234cb7071ed096d8e89228058fc5a17 26364
libopenhpi3-dbgsym_3.6.1-1_amd64.deb
9d4e722c4f1cb6e192bd7c5a2105462c4394d5ec941b9f0a1a9e19fd052c7c65 152462
libopenhpi3_3.6.1-1_amd64.deb
001a727834ed03a6009acd71fa3695ca04be7bac6cb21471ffdfe2fea50ed5cb 26358
openhpi-clients-dbgsym_3.6.1-1_amd64.deb
8ba6557b6508df29faa71fdb6d9c9bc3e2c7df1b05f9d433aeba3b4c13d1778e 231654
openhpi-clients_3.6.1-1_amd64.deb
99836c7da97a1c50ed679e9396d36df87c90c50cfc16ba181f70c92a8d1ec234 26410
openhpi-plugin-dynamic-simulator-dbgsym_3.6.1-1_amd64.deb
5408a3da960076fea647fe50edd06441a1bcc6880ed0e9bb93a659e9a4974eb1 113896
openhpi-plugin-dynamic-simulator_3.6.1-1_amd64.deb
4f6434751b948e5f8cf8da133a00f47ceea5420709a03461448185940d5daefa 26414
openhpi-plugin-ilo2-ribcl-dbgsym_3.6.1-1_amd64.deb
aed9b5172fc6f8635f601e4cc24b0defafac1ed4e48b265569c21dc7e919c851 346776
openhpi-plugin-ilo2-ribcl_3.6.1-1_amd64.deb
8fbd83e9b16c5c8d5a9945960d27a806a351679ab337bd899858f96021251f90 26390
openhpi-plugin-ipmi-dbgsym_3.6.1-1_amd64.deb
f814d95ef4feaf7e1bf9d18048e865903a0e2cc60b1c9a35254c5126723b748e 110870
openhpi-plugin-ipmi_3.6.1-1_amd64.deb
d6cb6298e168997fe5ca0d577d03c5733bb15c8ded6872745d778b26faee28b5 26416
openhpi-plugin-ipmidirect-dbgsym_3.6.1-1_amd64.deb
9ef5b3fcdd06fe5c9dc3fc51f1b9b92c9e482397398362393820fbeb13430cdc 141232
openhpi-plugin-ipmidirect_3.6.1-1_amd64.deb
ffa4435e953213af83934426d27fcc18c737b7892d322f5a46acd09e656f958e 26404
openhpi-plugin-oa-soap-dbgsym_3.6.1-1_amd64.deb
14c359349efe4e0a94f1fe5b28146fcf5b07161863e4c6c30e0245275b0ea735 889684
openhpi-plugin-oa-soap_3.6.1-1_amd64.deb
52ad4abc6fa84f6f0625991054ab2224158820767be5d62cb31da29615a3df06 26392
openhpi-plugin-simulator-dbgsym_3.6.1-1_amd64.deb
ec6a8e6a0b58412ec29c9717068f19d6c17c985d6a8b973d0a68c08eb4cb1622 47016
openhpi-plugin-simulator_3.6.1-1_amd64.deb
1098121ae0a34f7bf175966f520168ceb6494b9291b866f4cb31db4728080e9e 26392
openhpi-plugin-slave-dbgsym_3.6.1-1_amd64.deb
7ca9817a80b79957c148a57ad493e598f8ee213a1f328b2a7a3fdaaf11f83bcf 43666
openhpi-plugin-slave_3.6.1-1_amd64.deb
287a66f6569ff480a6cad8ae8520d69dfb6f76a49c29c816f6bf9e46bfaf59d6 26414
openhpi-plugin-snmp-bc-dbgsym_3.6.1-1_amd64.deb
0808a9bef35e2547f4d445e2bdbcf8cc889c2917f78224480d16054d686dce01 853852
openhpi-plugin-snmp-bc_3.6.1-1_amd64.deb
41bb9657df08433aced37756e8498055bbf4338665fb30d8b5b53fac2a64a625 26396
openhpi-plugin-sysfs-dbgsym_3.6.1-1_amd64.deb
135d603586cb66001ec1bf25bda74ef4f1c205d7621a0fd29088cb8f974ab322 32420
openhpi-plugin-sysfs_3.6.1-1_amd64.deb
508d64d01ee50cfc48a23675fee2f724df7fa3a08d1855d2a48a6619ac4039de 26396
openhpi-plugin-test-agent-dbgsym_3.6.1-1_amd64.deb
fe491a82eefc5a12b4133582933e27b9feebf268844eec7f59bb4dc660962946 119554
openhpi-plugin-test-agent_3.6.1-1_amd64.deb
9405e3f2c3d05f029b0c3bd413e37d299f80bb4f0cb215f21bfa31f42e474404 26404
openhpi-plugin-watchdog-dbgsym_3.6.1-1_amd64.deb
9525da751d7355440bf8c707d3f2cb3089f64dd58731ae4d09e8f921b11e433d 31128
openhpi-plugin-watchdog_3.6.1-1_amd64.deb
6dabed0a36f849ad4fa086d79fa665e31cc1e8dbbc298298026f50ffe192efb1 26998
openhpi_3.6.1-1_all.deb
7ce0c835ad64939fde0a06b5572545791be3c1da0a5dd82b15a1c6c35fbae230 26342
openhpid-dbgsym_3.6.1-1_amd64.deb
807d978cb9f6e4bec7ff7033d91d37bed8a40c9103dca1bfeccad911e66b1a22 87756
openhpid_3.6.1-1_amd64.deb
Files:
a85dc60a7be167b8f48d5196c86cbfec 4309 admin optional openhpi_3.6.1-1.dsc
28b2ceea424618d0ec906195f9ca1611 7076533 admin optional
openhpi_3.6.1.orig.tar.gz
a9ae1a21862d0dd8b273d460d46d0f43 15484 admin optional
openhpi_3.6.1-1.debian.tar.xz
4be074398f6d1295f8c341a4f28318e4 911770 libdevel optional
libopenhpi-dev_3.6.1-1_amd64.deb
3c2b0c6c51036bccb2b60ed99f5a36db 26364 debug extra
libopenhpi3-dbgsym_3.6.1-1_amd64.deb
2a207ed38deaa98bb943a81b137d489d 152462 libs optional
libopenhpi3_3.6.1-1_amd64.deb
b2eb3828300b505915f89f32e8044670 26358 debug extra
openhpi-clients-dbgsym_3.6.1-1_amd64.deb
000cd9865646a75b1394fbd934c84024 231654 admin optional
openhpi-clients_3.6.1-1_amd64.deb
1731fc54a8946c2860fbe61155fa0653 26410 debug extra
openhpi-plugin-dynamic-simulator-dbgsym_3.6.1-1_amd64.deb
68455649e5778cb8453a0308d8687d15 113896 libs optional
openhpi-plugin-dynamic-simulator_3.6.1-1_amd64.deb
e8009bada52d89968e4196928b013865 26414 debug extra
openhpi-plugin-ilo2-ribcl-dbgsym_3.6.1-1_amd64.deb
773e40491bfcac2f0ef34caf633aaa64 346776 libs optional
openhpi-plugin-ilo2-ribcl_3.6.1-1_amd64.deb
b5ecb96dd9cd60d131e4d0783f5f2bf9 26390 debug extra
openhpi-plugin-ipmi-dbgsym_3.6.1-1_amd64.deb
aaf8a984895c36753623a5543b44cb84 110870 libs optional
openhpi-plugin-ipmi_3.6.1-1_amd64.deb
01b971f2466a90cfa15cde485eea976a 26416 debug extra
openhpi-plugin-ipmidirect-dbgsym_3.6.1-1_amd64.deb
d780e30a293b5de351f4485a76c0e771 141232 libs optional
openhpi-plugin-ipmidirect_3.6.1-1_amd64.deb
d4bb948a77b91c9628c60822af6a312b 26404 debug extra
openhpi-plugin-oa-soap-dbgsym_3.6.1-1_amd64.deb
028a21d05f759d9225a37d7d1e67867b 889684 libs optional
openhpi-plugin-oa-soap_3.6.1-1_amd64.deb
a255e5a09b864a6444434ed7beb143ef 26392 debug extra
openhpi-plugin-simulator-dbgsym_3.6.1-1_amd64.deb
7df1725c6b2c2f7001ab35b23f17d407 47016 libs optional
openhpi-plugin-simulator_3.6.1-1_amd64.deb
86b37df12b35c1c784f4fb59c1c5a2d9 26392 debug extra
openhpi-plugin-slave-dbgsym_3.6.1-1_amd64.deb
135c3b182bedddeceb654f6ca24c5cb0 43666 libs optional
openhpi-plugin-slave_3.6.1-1_amd64.deb
3f5905c18245dd0562e791697de3f607 26414 debug extra
openhpi-plugin-snmp-bc-dbgsym_3.6.1-1_amd64.deb
d8f692394015109bc5cac8b3dddb0bb4 853852 libs optional
openhpi-plugin-snmp-bc_3.6.1-1_amd64.deb
87967b90c46aa0a30ead629a1283af9b 26396 debug extra
openhpi-plugin-sysfs-dbgsym_3.6.1-1_amd64.deb
1e059b4468eab3755e09e53b7dbbc7cb 32420 libs extra
openhpi-plugin-sysfs_3.6.1-1_amd64.deb
574c42a367e91ccf06cad251a14b47ba 26396 debug extra
openhpi-plugin-test-agent-dbgsym_3.6.1-1_amd64.deb
53a40f4af05e89ba2bad7dc53c516ed0 119554 libs optional
openhpi-plugin-test-agent_3.6.1-1_amd64.deb
02b70b7a178383270597284a5faa523e 26404 debug extra
openhpi-plugin-watchdog-dbgsym_3.6.1-1_amd64.deb
0bab710b9e15caacf164d8331aaf069d 31128 libs optional
openhpi-plugin-watchdog_3.6.1-1_amd64.deb
595e3d445509c2ec3150297766f25c38 26998 admin extra openhpi_3.6.1-1_all.deb
a01bb056a533799f2681a2fdcceacf7c 26342 debug extra
openhpid-dbgsym_3.6.1-1_amd64.deb
44b678bdde601ee56d707928a43cf2a0 87756 admin optional
openhpid_3.6.1-1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJW6wjSAAoJEM1YobF+0DP6De4P/RlYwz5AMfA7E1QHYNHl7Bv5
lXZeIk2LO+md9wMPmhc6JqHG3ucFuIm2uzLiVbJTinLUr1V/uCn055ck1208VGo9
lvMoglaGOS2bHPU1LlvOveXkPUGI+cPwLvUxJKGwaeSof/A9EvaYU0VesvJZTDjC
rc6/cwlTJ1OePwQIuUrsPmh6XwY+N/rdpKue5zeupHNEO+wdJM5npiHbBa4bcz0x
NMltNNHV4vBqJ5TLdA0OlvSMc6pul3BNms3Z/w/sYW4LXeGIivGUJlH4eXoR4ycW
7g0OZUJJsKbC09xSgL42vZZtVgH//3F9J8EQoS4C2dJI4bO0wE6XxZNadH4HiUPF
cIdltJqG0UqT0FIJSYutH7lY39o8jQC7UJlDBMXvRqyxJNpUF8wfCB7TrkHlOKjP
wS7KPurbefFMmIaOTsjOlajwldXNCrJCWggkvTHm3Equ9kDerBxkXnG2essnISEN
AcYJ06NU6UaH7cgngJMNZGjCs9I6/Ha8XZRB0SPVY+5xaClJbGzyE1X2RPJL1beI
ehWgr3M3eLTA7SeXm9FsgFlBnLrX05FMN1fpd3C+CMII7NC200pt17lDmgmZGfsx
04vAVMDrduBIR9s4Nm2J9mMKxJbJyMyIoIGW+XPC41t+ieL0TmVc/+9QLQClUSxV
zQApfdaU+2fBf/IH9MXt
=o2Ep
-----END PGP SIGNATURE-----
--- End Message ---
