Your message dated Thu, 02 Dec 2010 20:32:43 +0000
with message-id <e1pofpb-0007rj...@franck.debian.org>
and subject line Bug#605095: fixed in banshee 1.6.1-1.1
has caused the Debian Bug report #605095,
regarding CVE-2010-3998
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
605095: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605095
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: banshee
Severity: grave
Tags: security
Hi,
please see https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-3998
for details and a patch. Please upload a targeted fix for Squeeze
and not a whole new upstream release.
Cheers,
Moritz
-- System Information:
Debian Release: squeeze/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.32-5-686 (SMP w/1 CPU core)
Locale: LANG=C, lc_ctype=de_de.iso-8859...@euro (charmap=ISO-8859-15)
Shell: /bin/sh linked to /bin/bash
Versions of packages banshee depends on:
pn gstreamer0.10-gnomevfs <none> (no description available)
pn gstreamer0.10-plugins-base <none> (no description available)
pn gstreamer0.10-plugins-good <none> (no description available)
ii hal 0.5.14-3 Hardware Abstraction Layer
pn libboo2.0-cil <none> (no description available)
ii libc6 2.11.2-7 Embedded GNU C Library: Shared lib
ii libcairo2 1.8.10-6 The Cairo 2D vector graphics libra
pn libgconf2.0-cil <none> (no description available)
pn libglade2.0-cil <none> (no description available)
ii libglib2.0-0 2.24.2-1 The GLib library of C routines
pn libglib2.0-cil <none> (no description available)
pn libgnome2.0-cil <none> (no description available)
ii libgstreamer-plugins-base0.10 0.10.30-1 GStreamer libraries from the "base
ii libgstreamer0.10-0 0.10.30-1 Core GStreamer libraries and eleme
ii libgtk2.0-0 2.20.1-2 The GTK+ graphical user interface
pn libgtk2.0-cil <none> (no description available)
pn libmono-addins-gui0.2-cil <none> (no description available)
pn libmono-addins0.2-cil <none> (no description available)
pn libmono-cairo2.0-cil <none> (no description available)
pn libmono-corlib2.0-cil <none> (no description available)
pn libmono-sharpzip2.84-cil <none> (no description available)
pn libmono-sqlite2.0-cil <none> (no description available)
pn libmono-system-data2.0-cil <none> (no description available)
pn libmono-system-web2.0-cil <none> (no description available)
pn libmono-system2.0-cil <none> (no description available)
pn libmono2.0-cil <none> (no description available)
pn libmtp7 <none> (no description available)
pn libndesk-dbus-glib1.0-cil <none> (no description available)
pn libndesk-dbus1.0-cil <none> (no description available)
pn libnotify0.4-cil <none> (no description available)
ii libpango1.0-0 1.28.3-1 Layout and rendering of internatio
pn libtaglib2.0-cil <none> (no description available)
ii libx11-6 2:1.3.3-4 X11 client-side library
pn mono-runtime <none> (no description available)
Versions of packages banshee recommends:
pn brasero <none> (no description available)
ii gstreamer0.10-ffmpeg 0.10.10-1 FFmpeg plugin for GStreamer
pn gstreamer0.10-plugins-bad <none> (no description available)
pn gstreamer0.10-plugins-ugly <none> (no description available)
pn podsleuth <none> (no description available)
banshee suggests no packages.
--- End Message ---
--- Begin Message ---
Source: banshee
Source-Version: 1.6.1-1.1
We believe that the bug you reported is fixed in the latest version of
banshee, which is due to be installed in the Debian FTP archive:
banshee-dbg_1.6.1-1.1_amd64.deb
to main/b/banshee/banshee-dbg_1.6.1-1.1_amd64.deb
banshee_1.6.1-1.1.debian.tar.gz
to main/b/banshee/banshee_1.6.1-1.1.debian.tar.gz
banshee_1.6.1-1.1.dsc
to main/b/banshee/banshee_1.6.1-1.1.dsc
banshee_1.6.1-1.1_amd64.deb
to main/b/banshee/banshee_1.6.1-1.1_amd64.deb
monodoc-banshee-manual_1.6.1-1.1_all.deb
to main/b/banshee/monodoc-banshee-manual_1.6.1-1.1_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 605...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Alexander Reichle-Schmehl <toli...@debian.org> (supplier of updated banshee
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 02 Dec 2010 16:09:41 +0100
Source: banshee
Binary: banshee banshee-dbg monodoc-banshee-manual
Architecture: source amd64 all
Version: 1.6.1-1.1
Distribution: unstable
Urgency: high
Maintainer: Debian CLI Applications Team
<pkg-cli-apps-t...@lists.alioth.debian.org>
Changed-By: Alexander Reichle-Schmehl <toli...@debian.org>
Description:
banshee - Media Management and Playback application
banshee-dbg - Media Management and Playback application (debug symbols)
monodoc-banshee-manual - Media Management and Playback application (developer
documentatio
Closes: 605095
Changes:
banshee (1.6.1-1.1) unstable; urgency=high
.
* Non-maintainer upload.
* Apply security fix for CVE-2010-3998 to fix insecure library loading
(Closes: #605095)
* Thanks to Moritz Muehlenhoff for the pointer and Vincent Danen for the
patch!
* Set urgency to high due to security related RC fix
Checksums-Sha1:
959f3695ef5b59d8d872041fa83591143818e10b 2828 banshee_1.6.1-1.1.dsc
f24a0840c9b7d8f5d3e38258da7c0f26105c6c93 24207 banshee_1.6.1-1.1.debian.tar.gz
647df7d8a7c733c7859c7caaa20f716350015c08 3609602 banshee_1.6.1-1.1_amd64.deb
59c4974da50e483cf64a104aa119732a5e2e389b 1565334
banshee-dbg_1.6.1-1.1_amd64.deb
b3b2f4a1c0ab2ebc5a7342abf5ea80970d501583 690184
monodoc-banshee-manual_1.6.1-1.1_all.deb
Checksums-Sha256:
a33aeb6e29f380f5ab16459244b6ee91dbce6e44f39f927704437cdc73dea23d 2828
banshee_1.6.1-1.1.dsc
8a697f09c2e2c98ee30aba25370677ac75865ca3d805bcd015319c58741039d6 24207
banshee_1.6.1-1.1.debian.tar.gz
c85013a5105c7f770e5cfa7a441c9983bcc0a5cea1332177b95a90c0de5bab1f 3609602
banshee_1.6.1-1.1_amd64.deb
37e4583e9c1782b1b570910062d63a64924cc5928092caaaa8e90e74185501c0 1565334
banshee-dbg_1.6.1-1.1_amd64.deb
f196a0dc60d0ee0e6ac7d51b93eb19512be262627e2f8c1361d454b61ae1bba6 690184
monodoc-banshee-manual_1.6.1-1.1_all.deb
Files:
9bd50ff0b216f949b9a98151db99fed1 2828 sound optional banshee_1.6.1-1.1.dsc
23eb11b23de1cd6532ef65cdd5fab316 24207 sound optional
banshee_1.6.1-1.1.debian.tar.gz
adee983d162d4e1705b2f17a0474975f 3609602 sound optional
banshee_1.6.1-1.1_amd64.deb
721ec71a45c74fd45fc83b175280b66f 1565334 debug extra
banshee-dbg_1.6.1-1.1_amd64.deb
392b108ac399b03d48c2c5b6c3e7b805 690184 doc optional
monodoc-banshee-manual_1.6.1-1.1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iQIcBAEBCAAGBQJM97g7AAoJEMJLZaJnLIsSrxoP/RCQZU7M6sd+8+44pSieJqDh
0MqJU7SiC7j43VWvt6Bf3ooK5uhh2AtOFqUn3VZ8L8CbcY/P84jmFYmv9vk3gxmw
GtWmVYtzu9a5HMuiWdxMx26NfChunRWUkJ+avwbQc85Re1G1Afp29LZut6SPeTet
/9MS81Lnm2BT6SL3Q0fyT2CsWD3HvnfB6pdBpOr5R0AQJ/BPEjRm5wawvuMCR47z
SV3H6wc10m77TLcwInDl35dvKxPTxGzvWt0ZSWw3bR2tRrr2aoqrJ+G2EXYiUhf4
uF7zZePcLDCth6RAXXFTnktoewkTlCknILQj9skUPY9WpkzOZnEcP+WZ43yQI5Fl
7rLQYv+RZ6FbQ/Ygk+PYj6JoxqD7vn/+ejbfPbizwuLcTUTxjTwJ91r4pI7E2wHB
ylBdbnV5dorQOymb54DoafZCRJnL9KCJiRPmDt/+gsH3/rzjXZbm3uv3FY/wIPCr
kqwH4jxMhaFvZpBw8oGCHyEykXsqyM4PsJSlxfImiYp32MhoKtpg4iVNom1le9Hv
T84ZrpyV9+lSSXfYms3aAoc1Osb5IJGVJxqFn0RmsQWm6wXIp2264nlZr9mcX6dK
l0GEgZ0y4A7fPWM+6OJ4EuOYfbW8kT2/GwVv2P6IzXX+e3aCmHXSO0XBZQz2dEPb
lZ2FdwstrT11PaMxRN3h
=tHLZ
-----END PGP SIGNATURE-----
--- End Message ---
