Your message dated Mon, 28 Jan 2013 21:02:29 +0000 with message-id <e1tzvqx-0004sz...@franck.debian.org> and subject line Bug#698231: fixed in memcached 1.4.13-0.2 has caused the Debian Bug report #698231, regarding memcached: CVE-2013-0179 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 698231: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698231 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: memcached Severity: grave Tags: security Justification: user security hole A minor security issue was found in memcached: http://www.openwall.com/lists/oss-security/2013/01/14/6 This doesn't warrant a DSA, but you could fix it through a point update. For Wheezy a minimal fix should be made instead of updating to a new upstream release. Cheers, Moritz
--- End Message ---
--- Begin Message ---Source: memcached Source-Version: 1.4.13-0.2 We believe that the bug you reported is fixed in the latest version of memcached, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 698...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Salvatore Bonaccorso <car...@debian.org> (supplier of updated memcached package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 23 Jan 2013 21:22:09 +0100 Source: memcached Binary: memcached Architecture: source amd64 Version: 1.4.13-0.2 Distribution: unstable Urgency: low Maintainer: David MartÃnez Moreno <en...@debian.org> Changed-By: Salvatore Bonaccorso <car...@debian.org> Description: memcached - A high-performance memory object caching system Closes: 698231 Changes: memcached (1.4.13-0.2) unstable; urgency=low . * Non-maintainer upload. * Add 05_fix-buffer-overrun_when_logging_keys.patch patch [SECURITY] CVE-2013-0179: DoS due to buffer overrun when printing out keys to be deleted in verbose mode. (Closes: #698231). Checksums-Sha1: ef93dd68447305b95c54fa73df9f248ae06717e3 1528 memcached_1.4.13-0.2.dsc 082849bf141ac23fc5dfd73acd1b18bd7acd4e88 329382 memcached_1.4.13-0.2.tar.gz 121bf718c3329b6428b0f2e23e9bb7a572968fc9 86682 memcached_1.4.13-0.2_amd64.deb Checksums-Sha256: 5ec3bf230b941cdda277c772edc2acb6121d63ee52b9eb2f934503871d7e67bc 1528 memcached_1.4.13-0.2.dsc 866818e7889591487012748ec978452460f92afbe14a5902d893a093279ce8a0 329382 memcached_1.4.13-0.2.tar.gz efe3092e4c597b859c057b26e5a7214cfcae3f743809ec0f4c628394718bb8ae 86682 memcached_1.4.13-0.2_amd64.deb Files: f3d6b9893f697dc36e3ff79fb8ca5cc0 1528 web optional memcached_1.4.13-0.2.dsc c5436366b8fba7a3f7b2e3f6683ae2b7 329382 web optional memcached_1.4.13-0.2.tar.gz 3f3abe02054b0b3bf7a186be489a6812 86682 web optional memcached_1.4.13-0.2_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCgAGBQJRAEbUAAoJEHidbwV/2GP+q2cQANKtVZ3zFmQRmY9t0DkFHcbU xo+z9cEG+WW68CxyZIxXsI3nAUMrwGLOTR8CEPnr8MvXMAbiVpw9Nf7kZxarw+PO iTSLQPKzOM4ny21BNvrRzGbpaP8pJr8853khGd9GFUDiUh91MRr16yZtgX3hkkCp hXjZCoMEp8fupehSiQga1c9KuVaEb3z3K3RqafJ/mlYKgOpCVP+EDjo7BdOe/oQ/ yABYNhwP/V9FjahmVy8uIz1Md1T8Log0pT15louMhumjBRy2Orkyn6VobOsXe6Ze Bi+lOmcBpQR5GWv28E6W1zS5Dolsb5GGmnQoM06EIIwH7pqPT2fsQUhDwzxAY9W2 LsLiQjmzYtIb2qcOOjA4v7BQgkk+0YipZI/86+GXroab9z7mKpIRVTO2YsTgGDhL AZQBbHMwWORXE/O2N2cEr5ZdDw/NMyamsZ9aqjzpePTOim8OuJGlck7kkCK7GgId bHdduV5HsTsmeT6sdoUhdEMHYhijXyzgE7yb4BCmt3+2pjfR3lJm0jmycClV86Kp jRT6QOQo31z7fJcT6S+tTnLj2JJ0/x+KDC08MbRma2OCd8hCmxbV+78K7Uy1XRxL Zu7ElcaoWfzG4sKfAnUSSf9pT2sZsfS7XpoAMhA6vhJHIYvGYYs7iZGhEQOf5H7I ptHTGcjIc0f/g6RAS4R6 =72gO -----END PGP SIGNATURE-----
--- End Message ---
