Your message dated Thu, 02 Dec 2010 20:38:02 +0000
with message-id <e1pofuk-0007vd...@franck.debian.org>
and subject line Bug#603841: fixed in libsdp 1.1.99-2.1
has caused the Debian Bug report #603841,
regarding CVE-2010-4173 libsdp: insecure log file handling
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
603841: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=603841
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: libsdp
Severity: grave
Tags: security
Please see https://bugzilla.redhat.com/show_bug.cgi?id=647941
for details.
Please fix this in unstable with an isolated fix and asking
release managers for an unblock afterwards.
Cheers,
Moritz
-- System Information:
Debian Release: squeeze/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.32-5-686 (SMP w/1 CPU core)
Locale: LANG=C, lc_ctype=de_de.iso-8859...@euro (charmap=ISO-8859-15)
Shell: /bin/sh linked to /bin/bash
--- End Message ---
--- Begin Message ---
Source: libsdp
Source-Version: 1.1.99-2.1
We believe that the bug you reported is fixed in the latest version of
libsdp, which is due to be installed in the Debian FTP archive:
libsdp1_1.1.99-2.1_amd64.deb
to main/libs/libsdp/libsdp1_1.1.99-2.1_amd64.deb
libsdp_1.1.99-2.1.diff.gz
to main/libs/libsdp/libsdp_1.1.99-2.1.diff.gz
libsdp_1.1.99-2.1.dsc
to main/libs/libsdp/libsdp_1.1.99-2.1.dsc
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 603...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Alexander Reichle-Schmehl <toli...@debian.org> (supplier of updated libsdp
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 25 Nov 2010 12:40:59 +0100
Source: libsdp
Binary: libsdp1
Architecture: source amd64
Version: 1.1.99-2.1
Distribution: unstable
Urgency: low
Maintainer: OFED and Debian Developement and Discussion
<pkg-ofed-de...@lists.alioth.debian.org>
Changed-By: Alexander Reichle-Schmehl <toli...@debian.org>
Description:
libsdp1 - Library to allow use of Infiniband Sockets Direct Protocol (SDP)
Closes: 603841
Changes:
libsdp (1.1.99-2.1) unstable; urgency=low
.
* Non-maintainer upload.
* Apply upstream patch to src/log.c for version 1.1.105 to fix
CVE-2010-4173
(Closes: #603841)
Checksums-Sha1:
acae5b91cd53106401ac19cb0c794a9c8f07d107 1845 libsdp_1.1.99-2.1.dsc
8505ff7e66dc99f343af2558ae040d44d6fc621f 3846 libsdp_1.1.99-2.1.diff.gz
061e0362aefdf897752610e68dd1d6b3b860cb09 38642 libsdp1_1.1.99-2.1_amd64.deb
Checksums-Sha256:
80f97bf4d7334ad205b0888b0055cac0fe6f367879d9f5a259738825b8c8519c 1845
libsdp_1.1.99-2.1.dsc
aea30f11508109c1df4b12f4e0d0ff8e66e3566762ee08aa65286aa53cc0eb5c 3846
libsdp_1.1.99-2.1.diff.gz
25307fb53ce74c6c3703e66e171e5e1ee6510dd21847b54fe88ae0593a009224 38642
libsdp1_1.1.99-2.1_amd64.deb
Files:
abe504cb627a7ed578e9ed41767298ae 1845 libs extra libsdp_1.1.99-2.1.dsc
f2491de5b4f65668d68df957abf1fc9f 3846 libs extra libsdp_1.1.99-2.1.diff.gz
6adb0b3bc3bb9816ed4cd9ea9eacaacd 38642 libs extra libsdp1_1.1.99-2.1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iQIcBAEBCAAGBQJM7k4qAAoJEMJLZaJnLIsSnWkP/1S13ofmz29dMIHg1VArBtIP
SHFoXjPFYoaS+p3S9NIYYiFd5MFQlAnlE0eY1udFv4IouMJeZKjcABMHUrIX0iPy
NkoO4Fsa1FAocKZIr0U2RrenXrOaYCLSdfpDdYq0o2Zwv1VNGovv6Jvez9M1FGKc
CavpMz7gHblfWq6dpUf4w1XDEbKWhs1xg+DI1f12tkbQVWrQy2fF79sxSz19sbKB
7vlONCA+lKUFqmnlDC/GSMpnRUlWZ7e+4L6r2z3UHk/4N7s+yr9jsBm0BgswTy/h
4xJ8lR3aeha0saO7SqDJG3JmvdaudTVHwug3bJZ+qynD1icQbveopGYLEJBJa5dr
PzajR+0MXxqelCWbn7WNkEygYNdN2VVplUWP8bL7fV2hlbB7FVu75Q9KobR88Yaa
ZlrtRpm3Iy/2XqqFwDuDBWyS0x+b+NPntIxGa75epyn5707A5+jfpLdEVQEs6IWw
3CSKUBLoNuqTfntJHLubaYRiyx9A7zyGPQZr1v5wn2rMh0cV3O7OjcdIm/02z+Kf
WF4ijslZccJOifToTdLeXT7o0QgewcTWFbBhmURJZspGMMOMdGC1tVwKvQi6Fzr6
ZLmUKmxt+m7jBIggfSqv4NCKud6NByXQRRtkq4dgM80iWF+hle3j2fgg8BoAOez8
h3IpQ1iIEVfhKX2Pq34H
=Pxu0
-----END PGP SIGNATURE-----
--- End Message ---
