Your message dated Sat, 03 Apr 2010 15:00:36 +0000
with message-id <e1ny4pw-00022o...@ries.debian.org>
and subject line Bug#574760: fixed in glpi 0.72.4-2
has caused the Debian Bug report #574760,
regarding phpCAS XSS vulnerablity PHPCAS-52
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
574760: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=574760
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: glpi
Severity: serious
Tags: security patch
Hi,
phpCAS, which is embedded by GLPI, has fixed an XSS vulnerablity. Details and
the patch are availbale at their bug tracker:
http://www.ja-sig.org/issues/browse/PHPCAS-52
Can you please see that this bug gets fixed in the GLPI copy of phpCAS, and
ensure that upstream GLPI includes the fix aswell?
thanks,
Thijs
signature.asc
Description: This is a digitally signed message part.
--- End Message ---
--- Begin Message ---
Source: glpi
Source-Version: 0.72.4-2
We believe that the bug you reported is fixed in the latest version of
glpi, which is due to be installed in the Debian FTP archive:
glpi_0.72.4-2.diff.gz
to main/g/glpi/glpi_0.72.4-2.diff.gz
glpi_0.72.4-2.dsc
to main/g/glpi/glpi_0.72.4-2.dsc
glpi_0.72.4-2_all.deb
to main/g/glpi/glpi_0.72.4-2_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 574...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Pierre Chifflier <pol...@debian.org> (supplier of updated glpi package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sat, 27 Mar 2010 20:52:01 +0100
Source: glpi
Binary: glpi
Architecture: source all
Version: 0.72.4-2
Distribution: unstable
Urgency: high
Maintainer: Pierre Chifflier <pol...@debian.org>
Changed-By: Pierre Chifflier <pol...@debian.org>
Description:
glpi - IT and Asset management software
Closes: 574760
Changes:
glpi (0.72.4-2) unstable; urgency=high
.
* Fix phpCAS XSS vulnerablity PHPCAS-52 (Closes: #574760)
* Build-depend on quilt, and add patch for phpcas
Checksums-Sha1:
fa94ad1496ccb99545b7ab465b4ad3d1b768b1e2 933 glpi_0.72.4-2.dsc
99d37969474e783321d4effd9e4496ace582ddfe 12248 glpi_0.72.4-2.diff.gz
10c51585ad8f600596eac828678b410e3720ef1a 2792082 glpi_0.72.4-2_all.deb
Checksums-Sha256:
c4312aa2c2ed901552ea5cd7013ad49a52484f6d9efb32109c63dc3e7ee0ba00 933
glpi_0.72.4-2.dsc
ecfa832251467a97eb0b35cbf64600b1c70c55ff0482289749eaff847063ef1d 12248
glpi_0.72.4-2.diff.gz
c0cf8e9077b523c2287e5f45055159cd498fe7d337100fc71e0e2183400a8ff8 2792082
glpi_0.72.4-2_all.deb
Files:
be1d9107de6a22e75d230ef82d85ad5d 933 web optional glpi_0.72.4-2.dsc
02c3720f121e2a5dedf2b8394400758a 12248 web optional glpi_0.72.4-2.diff.gz
a14d30bfba3b61bac8490fd89e34f2e7 2792082 web optional glpi_0.72.4-2_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iD8DBQFLrml2twVrWo1fQMsRArnvAKCmq/XnXQ780v/JwB2zgkg1SLbFQQCfSp+q
QbCUVWrW1MJOHtCagM8k0i8=
=e6OL
-----END PGP SIGNATURE-----
--- End Message ---
