Your message dated Sat, 23 Oct 2010 15:32:07 +0000
with message-id <e1p9g4l-0007e4...@franck.debian.org>
and subject line Bug#598583: fixed in dimp1 1.1.4+debian2-1.1
has caused the Debian Bug report #598583,
regarding dimp1: XSS with mailbox names
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
598583: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598583
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: dimp1
Severity: grave
Tags: security
Justification: user security hole
Please see:
http://lists.horde.org/archives/announce/2010/000561.html
Cheers,
Moritz
-- System Information:
Architecture: amd64 (x86_64)
Shell: /bin/sh linked to /bin/bash
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
--- End Message ---
--- Begin Message ---
Source: dimp1
Source-Version: 1.1.4+debian2-1.1
We believe that the bug you reported is fixed in the latest version of
dimp1, which is due to be installed in the Debian FTP archive:
dimp1_1.1.4+debian2-1.1.diff.gz
to main/d/dimp1/dimp1_1.1.4+debian2-1.1.diff.gz
dimp1_1.1.4+debian2-1.1.dsc
to main/d/dimp1/dimp1_1.1.4+debian2-1.1.dsc
dimp1_1.1.4+debian2-1.1_all.deb
to main/d/dimp1/dimp1_1.1.4+debian2-1.1_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 598...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Moritz Muehlenhoff <j...@debian.org> (supplier of updated dimp1 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sat, 23 Oct 2010 17:25:43 +0200
Source: dimp1
Binary: dimp1
Architecture: source all
Version: 1.1.4+debian2-1.1
Distribution: unstable
Urgency: medium
Maintainer: Debian Horde Maintainers <pkg-horde-hack...@lists.alioth.debian.org>
Changed-By: Moritz Muehlenhoff <j...@debian.org>
Description:
dimp1 - dynamic webmail component for horde framework
Closes: 598583
Changes:
dimp1 (1.1.4+debian2-1.1) unstable; urgency=medium
.
* Non-maintainer upload by the Security Team
* Fix CVE-2010-3693 (Closes: #598583)
Checksums-Sha1:
6392443566fc73f04fe9665d2b8553bfe4846d1a 1254 dimp1_1.1.4+debian2-1.1.dsc
9632b0de4c374deed378dc5a9de0d7204df61743 3584 dimp1_1.1.4+debian2-1.1.diff.gz
f7c2b5f09872f55f633ce15637d3e549fe5ab003 1304272
dimp1_1.1.4+debian2-1.1_all.deb
Checksums-Sha256:
42bca4cef199ced0763cf427d8dc8e1c7a8a05522c3dcb3204b56a4000378e64 1254
dimp1_1.1.4+debian2-1.1.dsc
bc7a489c7f33a76d4d71b10016f7d781dc2a8125bcbe0e162bc921eebb32aa60 3584
dimp1_1.1.4+debian2-1.1.diff.gz
0a7b7f43e1140d582f17084b070645d7599ccd9c73a9543ea1c77a63ffc09fbb 1304272
dimp1_1.1.4+debian2-1.1_all.deb
Files:
5cc27c87586c4d48ce385ce351cbfe14 1254 web optional dimp1_1.1.4+debian2-1.1.dsc
d850fc8926c0c8c3a8569b4e685f987c 3584 web optional
dimp1_1.1.4+debian2-1.1.diff.gz
0319db9eb11136a34c4e2c351714f62b 1304272 web optional
dimp1_1.1.4+debian2-1.1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAkzC/tIACgkQXm3vHE4uylobegCg0IGdHQIujFXXtVsK4jFawbk9
nQEAn1GDSlFkTbUBB2JNhZ6zM9hCIOXA
=v2Rj
-----END PGP SIGNATURE-----
--- End Message ---
