Your message dated Sun, 20 Jan 2013 22:32:35 +0000 with message-id <e1tx3rl-0004wx...@franck.debian.org> and subject line Bug#698545: fixed in haskell-tls-extra 0.4.6.1-1 has caused the Debian Bug report #698545, regarding Basic constraints vulnerability to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 698545: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698545 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: haskell-tls-extra Severity: grave Tags: security upstream -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, someone reported a security problem against tls-extra: https://github.com/vincenthz/hs-tls/issues/29 The author is contacted to see if he can backport the fix to 0.4.6: http://www.haskell.org/pipermail/haskell-cafe/2013-January/105844.html Greetings, Joachim - -- System Information: Debian Release: 7.0 APT prefers unstable APT policy: (500, 'unstable'), (101, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.5-trunk-amd64 (SMP w/4 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAlD7wQ4ACgkQ9ijrk0dDIGwLugCfSoF8gvqqea3km2mWK2FdWTy7 eB4An3Rs75tpgdG64yKnNq2S49vh3RCn =DIgk -----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---Source: haskell-tls-extra Source-Version: 0.4.6.1-1 We believe that the bug you reported is fixed in the latest version of haskell-tls-extra, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 698...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Joachim Breitner <nome...@debian.org> (supplier of updated haskell-tls-extra package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Sun, 20 Jan 2013 23:26:26 +0100 Source: haskell-tls-extra Binary: libghc-tls-extra-dev libghc-tls-extra-prof libghc-tls-extra-doc Architecture: source all amd64 Version: 0.4.6.1-1 Distribution: unstable Urgency: low Maintainer: Debian Haskell Group <pkg-haskell-maintain...@lists.alioth.debian.org> Changed-By: Joachim Breitner <nome...@debian.org> Description: libghc-tls-extra-dev - TLS extra default values and helpers libghc-tls-extra-doc - TLS extra default values and helpers; documentation libghc-tls-extra-prof - TLS extra default values and helpers; profiling libraries Closes: 698545 Changes: haskell-tls-extra (0.4.6.1-1) unstable; urgency=low . * New upstream release, aimed for wheezy. Closes: #698545, a certificate validation security flaw. * Added patch: patches/pretend-lower-version This upstream release contains a bugfix that does not modify the ABI of the resulting library. To avoid having to recompile its reverse dependencies, we patch the .cabal file to pretend to be still version 0.4.6. Checksums-Sha1: 7a29268bab8c52c1aa0920d84905a4aa9ac70050 2425 haskell-tls-extra_0.4.6.1-1.dsc 3d011e081de57a3118a47ea994e2b4953396d607 7955 haskell-tls-extra_0.4.6.1.orig.tar.gz 01c9380104bc897e5fdabac407b3a60b75b00550 2944 haskell-tls-extra_0.4.6.1-1.debian.tar.gz f076f899e09889549a2c0ce8d79b0df7ad8b612c 46722 libghc-tls-extra-doc_0.4.6.1-1_all.deb c9396003626940bc7d88f13e114f50c1798944e0 74466 libghc-tls-extra-dev_0.4.6.1-1_amd64.deb 3dd334657afc66864f98361996dea6300b4688e8 65486 libghc-tls-extra-prof_0.4.6.1-1_amd64.deb Checksums-Sha256: b4c62e5af82741fbf750ceed63d94e2058243f8480faa42629fde33df9f47a85 2425 haskell-tls-extra_0.4.6.1-1.dsc 3cd18268947a8294a12582ea19ea5a3acefa2baa8494a0131268bc8c078466da 7955 haskell-tls-extra_0.4.6.1.orig.tar.gz 596dd165b499c349fca2564a037b55b4a56afbf9f7ece860c2ce625c95bfef68 2944 haskell-tls-extra_0.4.6.1-1.debian.tar.gz 7af32bda7ff4c5e565c029bdd0338794535970aee815f013da734ca4630e3cb7 46722 libghc-tls-extra-doc_0.4.6.1-1_all.deb 15652067dca849d023f27e39c77cc85af1afdf6a7511938371d8a7342d510303 74466 libghc-tls-extra-dev_0.4.6.1-1_amd64.deb 10bf39ed366b459e12e2139f42b826e9d4214173787c1c27bbb7abde6732a52a 65486 libghc-tls-extra-prof_0.4.6.1-1_amd64.deb Files: 2364eae367468055f88c668bc7b15e38 2425 haskell extra haskell-tls-extra_0.4.6.1-1.dsc 49ecc28fb588262691af3594a6e227a2 7955 haskell extra haskell-tls-extra_0.4.6.1.orig.tar.gz f7f1c5aac649c7760804a64a22316ccc 2944 haskell extra haskell-tls-extra_0.4.6.1-1.debian.tar.gz 3133df60e13a3ffbd9f71616be9d4628 46722 doc extra libghc-tls-extra-doc_0.4.6.1-1_all.deb 38a779fc07c8ca7828bdc5d794cf25ba 74466 haskell extra libghc-tls-extra-dev_0.4.6.1-1_amd64.deb 1a78beaf5cf19c5b9639f6b1dc6fb5e7 65486 haskell extra libghc-tls-extra-prof_0.4.6.1-1_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAlD8b/cACgkQ9ijrk0dDIGySeACdHjeG+yMuIE8m38F3Gvk0i7JM JQ0AniHsPioQwsf7o7WeuTagxsNcT/XB =1OAf -----END PGP SIGNATURE-----
--- End Message ---
