Your message dated Sun, 30 May 2021 18:02:07 +0000
with message-id <[email protected]>
and subject line Bug#989183: fixed in hyperkitty 1.2.2-1+deb10u1
has caused the Debian Bug report #989183,
regarding CVE-2021-33038
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
989183: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989183
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: hyperkitty
Severity: grave
Tags: security
X-Debbugs-Cc: Debian Security Team <[email protected]>

This was assigned CVE-2021-33038:
https://gitlab.com/mailman/hyperkitty/-/issues/380

Patch is here:
https://gitlab.com/mailman/hyperkitty/-/commit/9025324597d60b2dff740e49b70b15589d6804fa

Cheers,
         Moritz

--- End Message ---
--- Begin Message ---
Source: hyperkitty
Source-Version: 1.2.2-1+deb10u1
Done: Jonas Meurer <[email protected]>

We believe that the bug you reported is fixed in the latest version of
hyperkitty, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Jonas Meurer <[email protected]> (supplier of updated hyperkitty package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 28 May 2021 13:39:11 +0200
Source: hyperkitty
Architecture: source
Version: 1.2.2-1+deb10u1
Distribution: buster-security
Urgency: high
Maintainer: Debian Mailman Team <[email protected]>
Changed-By: Jonas Meurer <[email protected]>
Closes: 989183
Changes:
 hyperkitty (1.2.2-1+deb10u1) buster-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * d/p/0005_ensure_private_archives_during_import.patch: Ensure private
     archives stay private during import (CVE-2021-33038). (Closes: #989183)
Checksums-Sha1:
 5de6602dd414d8d1b1fb5304a9d75c1234f78279 2848 hyperkitty_1.2.2-1+deb10u1.dsc
 fcfcb43e4edf9751c42e5e85996ef694cd1be3ac 1370117 hyperkitty_1.2.2.orig.tar.gz
 59710c7372db7dc81c37744a131dfa3a3f64e987 801 hyperkitty_1.2.2.orig.tar.gz.asc
 22740e74a1fec82709af94e19e92f245b4a86ef4 125236 
hyperkitty_1.2.2-1+deb10u1.debian.tar.xz
 ea223d68a7157d5b269425425a80d8fe5df7a0d7 8591 
hyperkitty_1.2.2-1+deb10u1_amd64.buildinfo
Checksums-Sha256:
 51683913ae695fab0e738a030cf6ca052a5d0e09a7942f04034cadb88fb4e1f3 2848 
hyperkitty_1.2.2-1+deb10u1.dsc
 3f077d6ca925f31cd444070f9d44eb9a977864b64425fe61bfd71a5a29d75ffc 1370117 
hyperkitty_1.2.2.orig.tar.gz
 0ea91e4afac6f0d9066c33515d221f235d6762a5eae45f89a4cced245e3271b9 801 
hyperkitty_1.2.2.orig.tar.gz.asc
 bcbff4091edba1506c7e70f25e39ee6a945dc03d01b0383b6c36a4af7e1c88d4 125236 
hyperkitty_1.2.2-1+deb10u1.debian.tar.xz
 efe03eb8282edf76b655ea97fbc541709f6fbcf6018906a2fbece87454abae53 8591 
hyperkitty_1.2.2-1+deb10u1_amd64.buildinfo
Files:
 ba01fcea7cf4904985fc5ed9e8d636f1 2848 python optional 
hyperkitty_1.2.2-1+deb10u1.dsc
 0db8051a7e6542d8b2a9ea9d36649830 1370117 python optional 
hyperkitty_1.2.2.orig.tar.gz
 b5ec4010663d13d700ad44d7dd6634c8 801 python optional 
hyperkitty_1.2.2.orig.tar.gz.asc
 17f201535377d126c8ce18051dc25467 125236 python optional 
hyperkitty_1.2.2-1+deb10u1.debian.tar.xz
 b6ed952e0412e84b60b51675605bde2c 8591 python optional 
hyperkitty_1.2.2-1+deb10u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEELIzSg9Pv30M4kOeDUmLn/0kQSf4FAmCxHnAACgkQUmLn/0kQ
Sf4Ygg/+Mj7FZYPaaVSzos7QJmC8N8EdMUjw4m7cMFR+XXIguJzHC2lGWGsb/xQY
yDXz5yVx/L9XJpFI/oWBzSeE0VrH4g+tERam87mTQBSwoWjoWgjcv8dbX54jWgAI
Y8rybBwr54UM9tWczfjitaQGvdj1EGVQLYEZmo5hDu4HrpuZnqWsT3wT2DK53TuL
IrFpgjS98XRX70IeJv6pftM9qmJHSKa7XEw2RYLPCgMzsSWZOfNytd2pgpaeMecZ
JNU43dWWwA7zHlRM1ASyHUtGb2HZLWF9x+kRIHbNZvkRIdLwia8mXtJ8M26h1sF+
97lV8IS3fDs/5cVHhXgnZa+AQKKoU72Gwyzmavl45OAY886AcD8RdlFXxM9+c8/S
oZfO4UJ/RrzBDAcz0QGqgiYoc/3aTVLSz2HpA9iQLF51LNeTfOeHhF2ZwcG1MP/H
WME4BmbXhlPrUcgfPn6eGKaPqUo8aU6gu0mShCN+V/aK1lQq3HaD6wqoSbNrBUsQ
AtPnj4LRNnpe+iqQa7S/w0+A8yic8nlgm6UWZ0cPQDigOqYvs3CSsoYQPkZXgjT5
Fb9ekavODBohZlxVbuWQJ2yoJC+yIdPcsHYvQ8xtg0Z9Iz5xwhlVEO7wHSwxZbiJ
QbjV7iNV6y1K0w+AGZbnPT0R9VZn2pdfa746G6kLBU/FUnOQ4Oo=
=glOk
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to