Your message dated Sun, 07 Sep 2008 18:17:03 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#498159: fixed in bitlbee 1.2.3-1
has caused the Debian Bug report #498159,
regarding bitlbee: Another account hijacking bug
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)
--
498159: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=498159
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
--- Begin Message ---
Package: bitlbee
Version: 1.2.2-1
Severity: grave
Justification: causes non-serious data loss
There's another bug where a new user can overwrite existing accounts. This
does not give one access to anything that shouldn't be accessible, but it
does allow people to delete other people's accounts. 1.2.3 fixed this
problem and I'm about to upload it.
I did a thorough review of all relevant code and made sure this can't happen
again.
-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (650, 'testing'), (600, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.25-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_IE.UTF-8, LC_CTYPE=en_IE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages bitlbee depends on:
ii adduser 3.110 add and remove users and groups
ii debconf [debconf-2.0] 1.5.22 Debian configuration management sy
ii debianutils 2.30 Miscellaneous utilities specific t
ii libc6 2.7-13 GNU C Library: Shared libraries
ii libevent1 1.3e-3 An asynchronous event notification
ii libglib2.0-0 2.16.4-2 The GLib library of C routines
ii libgnutls26 2.4.1-1 the GNU TLS library - runtime libr
ii net-tools 1.60-19 The NET-3 networking toolkit
bitlbee recommends no packages.
bitlbee suggests no packages.
-- debconf information excluded
--- End Message ---
--- Begin Message ---
Source: bitlbee
Source-Version: 1.2.3-1
We believe that the bug you reported is fixed in the latest version of
bitlbee, which is due to be installed in the Debian FTP archive:
bitlbee-dev_1.2.3-1_all.deb
to pool/main/b/bitlbee/bitlbee-dev_1.2.3-1_all.deb
bitlbee_1.2.3-1.diff.gz
to pool/main/b/bitlbee/bitlbee_1.2.3-1.diff.gz
bitlbee_1.2.3-1.dsc
to pool/main/b/bitlbee/bitlbee_1.2.3-1.dsc
bitlbee_1.2.3-1_amd64.deb
to pool/main/b/bitlbee/bitlbee_1.2.3-1_amd64.deb
bitlbee_1.2.3.orig.tar.gz
to pool/main/b/bitlbee/bitlbee_1.2.3.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Wilmer van der Gaast <[EMAIL PROTECTED]> (supplier of updated bitlbee package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sun, 07 Sep 2008 18:53:04 +0100
Source: bitlbee
Binary: bitlbee bitlbee-dev
Architecture: source amd64 all
Version: 1.2.3-1
Distribution: unstable
Urgency: critical
Maintainer: Wilmer van der Gaast <[EMAIL PROTECTED]>
Changed-By: Wilmer van der Gaast <[EMAIL PROTECTED]>
Description:
bitlbee - An IRC to other chat networks gateway
bitlbee-dev - An IRC to other chat networks gateway
Closes: 498159
Changes:
bitlbee (1.2.3-1) unstable; urgency=critical
.
* New upstream version.
* Fixes another account hijacking issue. (Closes: #498159)
* Restored --pidfile argument to start-stop-daemon, otherwise the init
script fails to restart BitlBee when users are connected.
Checksums-Sha1:
d68fb73ddbc9fd3b3d73bcb3db9b2ee4a4336899 1183 bitlbee_1.2.3-1.dsc
cfa152bd4d0ff703feaeedf55dbab84b64657dc8 475748 bitlbee_1.2.3.orig.tar.gz
a0f6cb373e9d3587367fc1fcad9c26e4d30e2484 21469 bitlbee_1.2.3-1.diff.gz
acab145092563aa2013d594c145a95561fd32204 353092 bitlbee_1.2.3-1_amd64.deb
7f527bb8e79a1b0db102cb3be3c556d8eb35e54f 31156 bitlbee-dev_1.2.3-1_all.deb
Checksums-Sha256:
6496bac1398b3ff28ebf56ebdc42b0648441160a7fd45d7fcd39c03eba17367e 1183
bitlbee_1.2.3-1.dsc
0cbb30188c829dc486f8d1a4157626280f93ae2a60c9f6846fe6414c416745e2 475748
bitlbee_1.2.3.orig.tar.gz
9017a0d35ca7adce8a6161b417163b3ca1502840d453029cf64f5c2dbbd176ec 21469
bitlbee_1.2.3-1.diff.gz
c4f7c8f6b37b761c6e96fe9713d8b2c55ebdc67ef5806b8c5956f7f93d9c2930 353092
bitlbee_1.2.3-1_amd64.deb
eb382d87dd4dddde75c01b7231597ce37f6aad28e2da577c6b38c2c4af33a596 31156
bitlbee-dev_1.2.3-1_all.deb
Files:
50f10e5ad657bc763119f854ae7ca80f 1183 net optional bitlbee_1.2.3-1.dsc
2b1674d98804970809de3da3edf0bed2 475748 net optional bitlbee_1.2.3.orig.tar.gz
9dc10724d9aa8241a34257127f0705cf 21469 net optional bitlbee_1.2.3-1.diff.gz
11374453beb12a6350e2b5f365f81947 353092 net optional bitlbee_1.2.3-1_amd64.deb
0f273852e79b3efcb5bd621d271ca8b2 31156 net optional bitlbee-dev_1.2.3-1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFIxBX4eYWXmuMwQFERAtIcAKCaQ+JrT/8aLHsHRJcKPa4cMn5e6wCfTDSj
GYBCm1l3BM8cJf/aZxcD1pk=
=nkVd
-----END PGP SIGNATURE-----
--- End Message ---