Your message dated Wed, 16 Jan 2013 00:17:33 +0000 with message-id <e1tvghb-0004fh...@franck.debian.org> and subject line Bug#696736: fixed in python-keyring 0.7.1-1+deb7u1 has caused the Debian Bug report #696736, regarding Insecure permissions on database files to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 696736: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=696736 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: python-keyring Severity: grave Tags: security Please see http://www.openwall.com/lists/oss-security/2012/11/16/2 http://people.canonical.com/~ubuntu-security/cve/2012/CVE-2012-5577.html http://people.canonical.com/~ubuntu-security/cve/2012/CVE-2012-5578.html Cheers, Moritz -- System Information: Debian Release: 7.0 APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash
--- End Message ---
--- Begin Message ---Source: python-keyring Source-Version: 0.7.1-1+deb7u1 We believe that the bug you reported is fixed in the latest version of python-keyring, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 696...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Sebastian Ramacher <sramac...@debian.org> (supplier of updated python-keyring package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sun, 06 Jan 2013 22:22:33 +0100 Source: python-keyring Binary: python-keyring python3-keyring Architecture: source all Version: 0.7.1-1+deb7u1 Distribution: testing-proposed-updates Urgency: low Maintainer: Carl Chenet <cha...@ohmytux.com> Changed-By: Sebastian Ramacher <sramac...@debian.org> Description: python-keyring - store and access your passwords safely python3-keyring - store and access your passwords safely - Python 3 version of the Closes: 675379 696736 Changes: python-keyring (0.7.1-1+deb7u1) testing-proposed-updates; urgency=low . * Team upload. * debian/patches: - CVE-2012-4571.patch: backport CryptedFileKeyring from 0.9.3 to fix CVE-2012-4571. (Closes: #675379) - 696736-Fix-insecure-permissions-on-database-files.patch: backport fix from 0.9.2-1.1 to fix insecure permissions on database files. Fix CVE-2012-5578. Thanks Salvatore Bonaccorso. (Closes: #696736) Checksums-Sha1: e5fcff94564b8ebce26225c347d59986bbdc1d78 2178 python-keyring_0.7.1-1+deb7u1.dsc 7d3edbe8d31c29ed684e4907f1e7615224486783 12305 python-keyring_0.7.1-1+deb7u1.debian.tar.gz eec50b472ef8f3581278633b197d80559c78bb01 38496 python-keyring_0.7.1-1+deb7u1_all.deb 41f6ae9cdd1273442f934d5e517d91c857b58617 31576 python3-keyring_0.7.1-1+deb7u1_all.deb Checksums-Sha256: b83f1fbe3ee9fc14e1358d10d2f2150e9857b0d644103e123a61460f1eeecc73 2178 python-keyring_0.7.1-1+deb7u1.dsc ef4a62279ce089e9eb63d30b00f3e15453ef39637f21e744960d0456cf3f2e1f 12305 python-keyring_0.7.1-1+deb7u1.debian.tar.gz 9b179ec6805d4eae0790511b1298d8246cf5489fb81a20cb2893542e750826ac 38496 python-keyring_0.7.1-1+deb7u1_all.deb 90859bc94ef4fae485691ec02f4803e6cc658986bb8220f3d3be41808943738b 31576 python3-keyring_0.7.1-1+deb7u1_all.deb Files: c294b880b21aa051feda968d15c53ece 2178 python optional python-keyring_0.7.1-1+deb7u1.dsc db06d83a0a3ed96ddffb7c225513abf7 12305 python optional python-keyring_0.7.1-1+deb7u1.debian.tar.gz abad2a4a11bca5957b3dbc367358787d 38496 python optional python-keyring_0.7.1-1+deb7u1_all.deb ed9743e0fb9e26247a52cedebe7b577d 31576 python optional python3-keyring_0.7.1-1+deb7u1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCAAGBQJQ9fBMAAoJEGny/FFupxmT814QAI/E9IOJz5WmjsJrRcR6BOLU 6aXZfsbSEFlV/bQQ/wTatb8xuISia//JsvZL2uzRM+uBIL5rnlTV6237a8Y3TQqK RvT3HLLjFCWJIsK83aBoUFVB3ZdyI/40oYemaJjhoihVXF+ojd8/g4w+Yyvxid/v mcr00I37EdqNbYSVuOsZ8RlUZmAge8SJD0oKGImPYLSgVCARltnEA6HlgqdQQBBP ox0WaLsUeP4KecTAhqJxSHts5ZjUiyzF3dEu0hir8zo0e0hx+zKzjrBjg46j+etb 1XcsWq6lrpbEY+VfgjsCiCQJJURDt8zPg0vqLazOj/SMGJlBti98ba2MM6qFQFUb yqdlIrMy2WLHunBTiQocEYlX7oSwZz5TFFHe574u4yU2eyp3YLXEICjVksw7A39S 0flhvVLudGjUAtMfZz1i53XDXqIuiwxRhnH2ZpZDOhX675PcJnKIlCHhyRAfgpNX epyqntYLpfp7iGe+FlOuq5ZZNPsjaRpH+DeKmmWcN2HxIARmC/9sUYwwzMRbbo2O RlDrdOjBE5CMi9CUPHo45j4XQKUcXVOkDbxvRtL51AKV7fZFm7TZWcn4k976i0gi M7VYbt8JMsEyk093PPEnU8E3K4CUDwv65L5/xMA53gnTF7Z7vvlwNPEOCfMZlu/W v0idxIN4BLEv3H4KzHK4 =2tIQ -----END PGP SIGNATURE-----
--- End Message ---
