Your message dated Sat, 16 Sep 2023 22:01:07 +0000
with message-id <[email protected]>
and subject line Bug#1051726: fixed in viagee 3.7-1
has caused the Debian Bug report #1051726,
regarding viagee: CVE-2020-24904
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
1051726: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051726
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: viagee
X-Debbugs-CC: [email protected]
Severity: important
Tags: security

Hi,

The following vulnerability was published for gnome-gmail, but I'd
expect it also affects viagee?

CVE-2020-24904[0]:
| An issue was discovered in attach parameter in GNOME Gmail version
| 2.5.4, allows remote attackers to gain sensitive information via
| crafted "mailto" link.

https://github.com/davesteele/gnome-gmail/issues/84

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2020-24904
    https://www.cve.org/CVERecord?id=CVE-2020-24904

Please adjust the affected versions in the BTS as needed.

--- End Message ---
--- Begin Message ---
Source: viagee
Source-Version: 3.7-1
Done: David Steele <[email protected]>

We believe that the bug you reported is fixed in the latest version of
viagee, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
David Steele <[email protected]> (supplier of updated viagee package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 16 Sep 2023 16:32:56 -0400
Source: viagee
Architecture: source
Version: 3.7-1
Distribution: unstable
Urgency: medium
Maintainer: David Steele <[email protected]>
Changed-By: David Steele <[email protected]>
Closes: 1051726
Changes:
 viagee (3.7-1) unstable; urgency=medium
 .
   * Require confirmation for attachments (CVE-2020-24904) (Closes: #1051726).
Checksums-Sha1:
 fbd627e1859f90413adf7a4c8bf185f0cda1fdc8 2273 viagee_3.7-1.dsc
 938c9566de62ac17de0ec028a9a7b0675fbf5ec2 69206 viagee_3.7.orig.tar.gz
 ba6ceabac851e512a95c0b6d77d74ee7aa78b857 833 viagee_3.7.orig.tar.gz.asc
 7eb372a4e321ebc8f1864618816bd4cc5f6f594f 15496 viagee_3.7-1.debian.tar.xz
 9b106b98eba7e79f36a01f5da904dfc3686a0d18 6922 viagee_3.7-1_source.buildinfo
Checksums-Sha256:
 4161eb5105982913adeab359a6e3ec31f6a9018af773fefa086e785cb328aec6 2273 
viagee_3.7-1.dsc
 38e77dcbac3703c2e26cdc629ba0b317ab289e9d025820269a929872d67f3961 69206 
viagee_3.7.orig.tar.gz
 303fad97e9bb7c17a172eb77b3759aec6e64da0aa1fb1c1965a16b23a926befc 833 
viagee_3.7.orig.tar.gz.asc
 3cdea3e4b0fb5a423c537af5a0bf1576d750a4a9de3ceff5a9c8419a76f6b3f8 15496 
viagee_3.7-1.debian.tar.xz
 4bb3c49fe3e4c8320eefe885d30c614d1f7a4899be981ab33f1516ba7f4f6894 6922 
viagee_3.7-1_source.buildinfo
Files:
 62b299b433c45fee1e160c1c801e32ba 2273 mail optional viagee_3.7-1.dsc
 fa75c6983de28a24491e2a1153586269 69206 mail optional viagee_3.7.orig.tar.gz
 6f0f8fe930ad740204fb327afcd1d70f 833 mail optional viagee_3.7.orig.tar.gz.asc
 4c24cf55557fdbef613d847a5b6dba50 15496 mail optional viagee_3.7-1.debian.tar.xz
 dd098f2e26c9776055a4dc14d74ed7d9 6922 mail optional 
viagee_3.7-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJGBAEBCgAwFiEEi4SQsUoAbTYxHS3FCVnEo9z4n78FAmUGFEsSHHN0ZWVsZUBk
ZWJpYW4ub3JnAAoJEAlZxKPc+J+/eaMQAKL/WzJ4AhMvQSH1VLCmUu6OAGQCCt82
8a0X5pVwG7VwOS9qaIin/03pyZhCDc3whu1wV6rh7TeGNIcvlvNuC6H/6kZsqHIB
h2sjmx4qyrIRSDO3kuHg6huPdnXsQApyiKWuXhidL+cJw3gcwtZDg6il84YyQNS6
+92Pyu5uGNQiMucumfK1FHHnOYFjYgehJYOOi/mbOgWsHf9Mys1qZTWQphLrIryA
Fdn0EuzaUvqtsqCnppD1+cltXEZr74hxLYlTxTah2ZicH72CaKTJSjky8WMghWWi
gD5ists7RveHfj+MzbGQ1Vuw9mUDwZrbzm1Rfpyh9iZx2BP0Q3E7D49T+LI+I/YV
TvLPwnOV3OWBwUkbQzj8Q16ni9F0kLGZ1M0j7heQ2zEbXJeuhecggfyD+D0Ek61r
HAmcNEjDKXaFt72+30hre7ZPrqQfsyElPTjxwFXLtUUCIELYB3kCEG0hxOFz3DeN
pS4xjd9Ty9HzeSnomUrPKd5J0G6kLMxmBc7fBQ8tRDm8QG4tKNgi/rbZPLN7Tgma
x1UnibFSbOBeQxW78Nw0PZ/qXPMe91Z/LT4BegCJzype9SxleTKA7vI7y1ng2t1b
mzcHlN/Gmt5RzQ2lraL0JAkEClEiWobQVI0UrYSasajKxgBbOaUvgMJDOTg+Pxp7
otcW7YYmIPFL
=7NK9
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to