Your message dated Sat, 09 Nov 2019 20:35:15 +0000
with message-id <[email protected]>
and subject line Bug#943773: fixed in modsecurity-crs 3.1.0-1+deb10u1
has caused the Debian Bug report #943773,
regarding CVE-2019-13464
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
943773: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=943773
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: modsecurity-crs
Severity: important
Tags: security
This was assigned CVE-2019-13464:
https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/1386
Patch:
https://github.com/SpiderLabs/owasp-modsecurity-crs/commit/6090d6b0a90417f1a60aa68a01eb777cef2e1184
Cheers,
Moritz
--- End Message ---
--- Begin Message ---
Source: modsecurity-crs
Source-Version: 3.1.0-1+deb10u1
We believe that the bug you reported is fixed in the latest version of
modsecurity-crs, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Alberto Gonzalez Iniesta <[email protected]> (supplier of updated
modsecurity-crs package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sun, 03 Nov 2019 14:34:05 +0100
Source: modsecurity-crs
Binary: modsecurity-crs
Architecture: source all
Version: 3.1.0-1+deb10u1
Distribution: buster
Urgency: medium
Maintainer: Alberto Gonzalez Iniesta <[email protected]>
Changed-By: Alberto Gonzalez Iniesta <[email protected]>
Description:
modsecurity-crs - OWASP ModSecurity Core Rule Set
Closes: 943773
Changes:
modsecurity-crs (3.1.0-1+deb10u1) buster; urgency=medium
.
* Add upstream patch to fix php script upload rules.
CVE-2019-13464 (Closes: #943773)
Checksums-Sha1:
e2b9caf16fef13a18b0a7793a87d84937544ec3f 1829
modsecurity-crs_3.1.0-1+deb10u1.dsc
1688bc18ee29cc7be1e7e510abd46f75fa608c95 4924
modsecurity-crs_3.1.0-1+deb10u1.debian.tar.xz
f9c6551af1efe8a337d296c289ae086f1664375f 198144
modsecurity-crs_3.1.0-1+deb10u1_all.deb
ccf4b28066aa16755d055150a1fe2a6c8ccbcf93 5467
modsecurity-crs_3.1.0-1+deb10u1_amd64.buildinfo
Checksums-Sha256:
ab715ba374d4d235068133e418c9a32be59017aec6ef9dc8aafb2b9060dfe54b 1829
modsecurity-crs_3.1.0-1+deb10u1.dsc
7c21285215a80e26d0b277b782d9553634c5cd1ed3638864d24637888ec5878c 4924
modsecurity-crs_3.1.0-1+deb10u1.debian.tar.xz
58899e7419d39e596c61c63cbc73ea845bff01f2e683adee908a1ba27584747d 198144
modsecurity-crs_3.1.0-1+deb10u1_all.deb
67652b2c435c4dac957ccee507a04063c52aa45e5bb1cae461c7a8ab188886e9 5467
modsecurity-crs_3.1.0-1+deb10u1_amd64.buildinfo
Files:
885e8ead686f7686dcc1f48597f39df6 1829 httpd optional
modsecurity-crs_3.1.0-1+deb10u1.dsc
ed51b80956559189802b3969e60740e1 4924 httpd optional
modsecurity-crs_3.1.0-1+deb10u1.debian.tar.xz
d02b7774de5bfa7c38b4afe29852081a 198144 httpd optional
modsecurity-crs_3.1.0-1+deb10u1_all.deb
3d88326ed8f74734fdf441aaf391ed8b 5467 httpd optional
modsecurity-crs_3.1.0-1+deb10u1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJEBAEBCAAuFiEEU0fL2D4wqetNfUvyAJszdWuaqlUFAl3BTtQQHGFnaUBpbml0
dGFiLm9yZwAKCRAAmzN1a5qqVdOpD/9/Kyk6u6qOMpT+Y2iLh2PI++jrn+jRXx2j
VXugixEAcBbMrt/mQDv8G1AGRAXhna3ENQfBvSQzCfHdgnG/cRScOYSF0ipWrKQw
Hkjkgz1edf5tu8RfV0kzNKbJgFmsmAp5CtuJaoJQakum8VgSqYMA1sfnuUkS6XIM
CGaRXIR6jbxHCeLQAlCyQY98AjZ1QRJDjtdG1ZDWWg3PwgV0JRotg+Uacmp5rj78
//4ri0jTNbGoQNRfHM77ebNUNU++KMjX/i/18ltXXMBGdw2GeXukEW4O7d2ggopO
V+ztXJhk7Paw/bNjZtex5LzX6Aunlz3MV1GrbfurN4V1pAq2KKZmk3fnGdE/4iUM
QUEQSvNKb4WMMSJSj0knTHuQC+TCaBNqVctQtjCYg0IBtVonEYjAP3AEkBuFYySa
5lY20ybNrTIhtlqBHBcsLHTcpwGeOimRrcamu1xmp2FGm3rxwfO9104D5cYnJqsl
LCg37cpAvhpyOYBGl7HZggpJxA3rbnsW6ks/fsthdv6elMJ1lDNzf+YzkKpH3O3E
dWkXUUODY8W5SWxDKIWrN09mN6WNti3z8uzS/yCzUFYulkTKwURGQQ4OI9t7ToUY
ejaBKlOkDg5meezSTjvCVG6dUcOr0s/VZIBsF2wLsFiM6XLmw3Q1/np3aCPuS4sO
bwR7URsNJw==
=Q4Ko
-----END PGP SIGNATURE-----
--- End Message ---
