Your message dated Mon, 8 Oct 2007 11:11:13 +0200 with message-id <[EMAIL PROTECTED]> and subject line Bug#438162: Reopening: package in etch is still vulnerable has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database)
--- Begin Message ---Package: denyhosts Version: 2.6-1 Severity: grave Tags: security Justification: user security hole >From CVE-2007-4323: "DenyHosts 2.6 does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a client protocol version identification containing an IP address string, a different vector than CVE-2006-6301." Please mention the CVE id in the changelog.
--- End Message ---
--- Begin Message ---found 438162 2.6-1 fixed 438162 2.6-2.1 thanks Hi Raphael, * Raphael Geissert <[EMAIL PROTECTED]> [2007-10-08 11:04]: > reopen 438162 = > tags 438162 etch > thanks > > Package version in etch is 2.6-1 which is affected. I closed this bug again, there is no need to keep it open, that's what we have version tracking for. Kind regards Nico -- Nico Golde - http://ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.pgp9znL5MXf4Y.pgp
Description: PGP signature
--- End Message ---