Your message dated Wed, 02 Feb 2022 20:35:49 +0000
with message-id <[email protected]>
and subject line Bug#1004173: fixed in prosody 0.11.9-2+deb11u2
has caused the Debian Bug report #1004173,
regarding prosody: Regression from CVE-2022-0217: memory leak
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1004173: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004173
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: prosody
Version: 0.11.12-1
Severity: important
Tags: upstream
X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>
Control: found -1 0.11.2-1+deb10u3
Control: found -1 0.11.9-2+deb11u1
Control: affects -1 security.debian.org,release.debian.org
Hi,
https://www.openwall.com/lists/oss-security/2022/01/20/4 mentions a
regression from the security fix for CVE-2022-0217.
Fixing commit: https://hg.prosody.im/trunk/rev/e5e0ab93d7f4
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: prosody
Source-Version: 0.11.9-2+deb11u2
Done: Victor Seva <[email protected]>
We believe that the bug you reported is fixed in the latest version of
prosody, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Victor Seva <[email protected]> (supplier of updated prosody package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 27 Jan 2022 18:09:08 +0100
Source: prosody
Architecture: source
Version: 0.11.9-2+deb11u2
Distribution: bullseye-security
Urgency: medium
Maintainer: Debian XMPP Maintainers <[email protected]>
Changed-By: Victor Seva <[email protected]>
Closes: 1004173
Changes:
prosody (0.11.9-2+deb11u2) bullseye-security; urgency=medium
.
* CVE-2022-0217 fix memory leak (Closes: #1004173)
Checksums-Sha1:
6ef30493ac5eac62ea3b4dee3d98cb290d91016a 1905 prosody_0.11.9-2+deb11u2.dsc
fec0129341e9a5214a4ffa29262a5ecff094d021 30256
prosody_0.11.9-2+deb11u2.debian.tar.xz
663fcd97d0452f6f00f8d2b511e96b33af5711b4 6771
prosody_0.11.9-2+deb11u2_amd64.buildinfo
Checksums-Sha256:
c7cb7b86b48e4c317e3f9f39925cbe3431f19347a6b086d15c5ffd8d64c32ffe 1905
prosody_0.11.9-2+deb11u2.dsc
2919c9e296049c134762ce040a87e852d4fce992996ad05691f0d1c4efe8005d 30256
prosody_0.11.9-2+deb11u2.debian.tar.xz
c59a54e95bce7f6ce4f3e40b2ba571f3b3bd3fe18f58a03bbcbc74e86b169674 6771
prosody_0.11.9-2+deb11u2_amd64.buildinfo
Files:
f366d938a1d4eac2409dafd618cef0d6 1905 net optional prosody_0.11.9-2+deb11u2.dsc
cf36676e77923d7bb1494196b832ef31 30256 net optional
prosody_0.11.9-2+deb11u2.debian.tar.xz
1c02fd52ccf61d1f0c7ba72f41c99134 6771 net optional
prosody_0.11.9-2+deb11u2_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQFFBAEBCgAvFiEEDmBQEMrYIhRFqKAgIXSmjn2oLMcFAmHy1o0RHHZzZXZhQGRl
Ymlhbi5vcmcACgkQIXSmjn2oLMej9wf8CeFiN3i7n7m54jQR0Ys0rvM5UbwmEfgu
W7eJFIzQ4x9Fr669idk9hPVqDdhdPFCwqUwYWVPFHKdiO0Hie4kR1s13h11C5g2/
RAIQhQEvxfpWrLyubgpKjXugm2HYvtUy47G/xz1Djwass7kg8imj7AlSDoWWgCTf
KhKuzegWLG2GL8GCN0Pp5UB5m/ZWB/dUfazQx3puoM13u0CxxOFnjmcvsm/LvKeJ
CcIAD+qqw8GXmLIuYQX+t5RUjz9ubJB4nrhEldtBWFUKRC5sYTy7pIB0RcBJksJx
ngT/Emx9Ur1jN0msFZCerZTOKQpzKMaou3SdzStTd3+ysB3erNN0cw==
=M9+p
-----END PGP SIGNATURE-----
--- End Message ---
