Bug#576308: marked as done (OpenDcHub 0.8.1 Remote Code Execution Exploit)

Debian Bug Tracking System Tue, 27 Apr 2010 10:36:20 -0700

Your message dated Tue, 27 Apr 2010 17:34:17 +0000
with message-id <e1o6ofp-0002ot...@ries.debian.org>
and subject line Bug#576308: fixed in opendchub 0.8.2-2
has caused the Debian Bug report #576308,
regarding OpenDcHub 0.8.1 Remote Code Execution Exploit
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
576308: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=576308
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Package: opendchub
Version: OpenDcHub 0.8.1 Remote Code Execution Exploit
Severity: grave
Tags: security

This was reported to full-disclosure:

http://www.indahax.com/exploits/opendchub-0-8-1-remote-code-execution-exploit#more-600

Please get in touch with upstream for a fix.

Cheers,
        Moritz

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 2.6.32-3-686 (SMP w/1 CPU core)
Locale: LANG=C, lc_ctype=de_de.iso-8859...@euro (charmap=ISO-8859-15)
Shell: /bin/sh linked to /bin/bash

Versions of packages opendchub depends on:
ii  libc6                         2.10.2-6   Embedded GNU C Library: Shared lib
pn  libcap1                       <none>     (no description available)
ii  libperl5.10                   5.10.1-11  shared Perl library

opendchub recommends no packages.

opendchub suggests no packages.

--- End Message ---

--- Begin Message ---

Source: opendchub
Source-Version: 0.8.2-2

We believe that the bug you reported is fixed in the latest version of
opendchub, which is due to be installed in the Debian FTP archive:

opendchub_0.8.2-2.debian.tar.gz
  to main/o/opendchub/opendchub_0.8.2-2.debian.tar.gz
opendchub_0.8.2-2.dsc
  to main/o/opendchub/opendchub_0.8.2-2.dsc
opendchub_0.8.2-2_amd64.deb
  to main/o/opendchub/opendchub_0.8.2-2_amd64.deb
opendchub_0.8.2.orig.tar.gz
  to main/o/opendchub/opendchub_0.8.2.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 576...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Zak B. Elep <zak...@zakame.net> (supplier of updated opendchub package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Fri, 23 Apr 2010 13:59:56 +0800
Source: opendchub
Binary: opendchub
Architecture: source amd64
Version: 0.8.2-2
Distribution: unstable
Urgency: low
Maintainer: Zak B. Elep <zak...@zakame.net>
Changed-By: Zak B. Elep <zak...@zakame.net>
Description: 
 opendchub  - hub clone for DC (Direct Connect P2P network)
Closes: 564888 576308
Changes: 
 opendchub (0.8.2-2) unstable; urgency=low
 .
   * Switch to new source package format 3.0 (quilt)
   * debian/NEWS: Fix for lintian informational warning
   * Fix spelling and grammar errors in the source, again per lintian
 .
 opendchub (0.8.2-1) unstable; urgency=low
 .
   * New upstream version (Closes: #564888)
     + Fix remote code execution exploit, thanks jmm@ (Closes: #576308)
Checksums-Sha1: 
 4bdd79cb6c4f4f0bd7556afb187b356c2d77cadf 1277 opendchub_0.8.2-2.dsc
 2236861833d24a6af1dffe6cc5571d0cf64d3dc0 188551 opendchub_0.8.2.orig.tar.gz
 0336a8aae62ef7d4e74ddbbb4ba04ed5ac79c7e3 9053 opendchub_0.8.2-2.debian.tar.gz
 be061bda53a90d0b80cd1cea789821e1fe8cbe9a 108712 opendchub_0.8.2-2_amd64.deb
Checksums-Sha256: 
 e93bd518f3e73258a55039a184f58ed5935a3ef2bba48274784d54c025a666a2 1277 
opendchub_0.8.2-2.dsc
 c00d5859fde939741699026da9d4d5fd0b409474608353710204c3c78a8ac5bf 188551 
opendchub_0.8.2.orig.tar.gz
 e9421be8dfb39c4b77838acf68eb10783b06e655e67f360952c4ddd6e28903fb 9053 
opendchub_0.8.2-2.debian.tar.gz
 4e5b02c18964045571a64a2eceb58556f0c124cf3c7aebc7491becaeac83e78a 108712 
opendchub_0.8.2-2_amd64.deb
Files: 
 82ef6d8657d0981cd1a93c9aaa66104e 1277 net optional opendchub_0.8.2-2.dsc
 e812ac26323f3a8113ce1a0761ce9544 188551 net optional 
opendchub_0.8.2.orig.tar.gz
 55b9aab46044da8b209655d245d8d255 9053 net optional 
opendchub_0.8.2-2.debian.tar.gz
 334bad09bbc6c71c0ea5c067b33bb221 108712 net optional 
opendchub_0.8.2-2_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAkvXHKMACgkQ2XA5inpabMfBjwCeKrqL/ZFvs5HO9YJv71Q0mV1h
y7wAn22uCkRuTSIruNitjT1Qgrxymq4x
=pydm
-----END PGP SIGNATURE-----

--- End Message ---

Bug#576308: marked as done (OpenDcHub 0.8.1 Remote Code Execution Exploit)

Reply via email to