Your message dated Thu, 01 Aug 2013 19:17:32 +0000 with message-id <e1v4ynq-0003tr...@franck.debian.org> and subject line Bug#714362: fixed in php-radius 1.2.5-2.3+deb7u1 has caused the Debian Bug report #714362, regarding php-radius: CVE-2013-2220: security issue in radius_get_vendor_attr() to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 714362: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=714362 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: php-radius Severity: serious Tags: security patch Hi, A new upstream release of php-radius is available which fixes a security issue. http://pecl.php.net/package-info.php?package=radius&version=1.2.7 The relevant patch is https://github.com/LawnGnome/php-radius/commit/13c149b051f82b709e8d7cc32111e84b49d57234 A CVE id has been requested and will follow. Can you please fix this issue for unstable, and see if you can prepare updates for (old)stable? thanks, Thijs -- System Information: Debian Release: 7.1 APT prefers stable APT policy: (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=nl_NL.UTF-8, LC_CTYPE=nl_NL.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash
--- End Message ---
--- Begin Message ---Source: php-radius Source-Version: 1.2.5-2.3+deb7u1 We believe that the bug you reported is fixed in the latest version of php-radius, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 714...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Thijs Kinkhorst <th...@debian.org> (supplier of updated php-radius package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Thu, 25 Jul 2013 14:28:53 +0200 Source: php-radius Binary: php5-radius php-radius-legacy Architecture: source all amd64 Version: 1.2.5-2.3+deb7u1 Distribution: wheezy-security Urgency: high Maintainer: Roberto Lumbreras <ro...@debian.org> Changed-By: Thijs Kinkhorst <th...@debian.org> Description: php-radius-legacy - Radius protocol implementation in PHP php5-radius - PECL radius module for PHP 5 Closes: 714362 Changes: php-radius (1.2.5-2.3+deb7u1) wheezy-security; urgency=high . * Non-maintainer upload. * Fix security issue in radius_get_vendor_attr() (CVE-2013-2220, closes: #714362) Checksums-Sha1: d35d60b0f6a0324d6a2548ac4557061a1f199b05 1437 php-radius_1.2.5-2.3+deb7u1.dsc 6a7226341c2db3e9f2114fa9d160d86b38b76b9d 29750 php-radius_1.2.5.orig.tar.gz a5e2c139a2eca514165303cb37d4f75bbf03465e 11405 php-radius_1.2.5-2.3+deb7u1.diff.gz 0de631413da7430fec7715367e2fe0aa4ad37c6e 8728 php-radius-legacy_1.2.5-2.3+deb7u1_all.deb ee238916cea4d5f46d4c9ff1274fd5cd84e19c74 32862 php5-radius_1.2.5-2.3+deb7u1_amd64.deb Checksums-Sha256: 91c65a99c50d07287a834be4ff2279928745f3124c0bd4aa888a2c5ab366f1ad 1437 php-radius_1.2.5-2.3+deb7u1.dsc 277fb9ba1dbef9c051b1db435cfd1f4421ebc612de3e6fd5eb9d2ed94639d23f 29750 php-radius_1.2.5.orig.tar.gz c0570aedbc5e05e9889b0776b700ed417c6a77583cbf5b7c4d06fd7c0e82516f 11405 php-radius_1.2.5-2.3+deb7u1.diff.gz 065725a66df0b9d0c02e3ef7ff4c4ac5426883d4d696fe16c3a172be0a4ea1e4 8728 php-radius-legacy_1.2.5-2.3+deb7u1_all.deb fbc5a594e256a124562fb4c4b724fe78db31ee6af1026fc6b9c42db037a23c9d 32862 php5-radius_1.2.5-2.3+deb7u1_amd64.deb Files: 674401d00686a35aefdb77c5a316a5ab 1437 web optional php-radius_1.2.5-2.3+deb7u1.dsc 25d867dab8def71ab1b3e2410491ff4d 29750 web optional php-radius_1.2.5.orig.tar.gz c5526dd56d3f55f32b54a6f489633c05 11405 web optional php-radius_1.2.5-2.3+deb7u1.diff.gz e0dbc683c37202eb950791524b0f75e7 8728 web optional php-radius-legacy_1.2.5-2.3+deb7u1_all.deb 064102dcc58e4ae8acdd22a1439edee7 32862 web optional php5-radius_1.2.5-2.3+deb7u1_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAEBAgAGBQJR8St3AAoJEFb2GnlAHawEV0cIAJU741ZgkdJdqoT6qML6efIB 3FukWpkHFXKTNyU7cy9sytGXBqgD2t2YOjAph9UIO0kj1GZowo63WDNZK0hzQNRz H/eYQ5w43nDDqix0nCx8cTn39XtoMqr6wYjFMgJcmggNKppXVk1676YrOFr4N/Ki aiOOEKshhV8f8JyHvhWMAeTL454GNwfVi8mvdhKvKvIgx+3ph9CV98R3KhQs3Qsw imsgL3N+bVZ6HPz05ZIunmSBsUKlqyelBpf/w10JJHwwQAe/HBh4cBueKTOhROUM /a8OZgw60oofbOtbEErElsNKpo/wEYX4nJncOd7QQTQhQkP2E1OPqm/istykErI= =BBSU -----END PGP SIGNATURE-----
--- End Message ---
