Your message dated Tue, 06 Jan 2015 09:19:29 +0000 with message-id <e1y8qit-0002vz...@franck.debian.org> and subject line Bug#774143: fixed in gearmand 1.0.6-5 has caused the Debian Bug report #774143, regarding malicious HTTP request kills gearmand to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 774143: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774143 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: gearman-job-server Version: 1.0.6-4 Status: install ok installed Installed-Size: 268 Architecture: amd64 Severity: serious A bad HTTP request force gearmand (>=0.33 AFAIK) to run in in endless loop until memory out. See bug report https://bugs.launchpad.net/gearmand/+bug/1348865 Bug fixing was commited here http://bazaar.launchpad.net/~1-infe-w/gearmand/1.0/revision/802#libgearman-server/plugins/protocol/http/protocol.cc Regards, Alexei
--- End Message ---
--- Begin Message ---Source: gearmand Source-Version: 1.0.6-5 We believe that the bug you reported is fixed in the latest version of gearmand, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 774...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Stig Sandbeck Mathisen <s...@debian.org> (supplier of updated gearmand package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 06 Jan 2015 09:47:37 +0100 Source: gearmand Binary: libgearman7 libgearman-dev libgearman-dbg libgearman7-dbg libgearman-doc gearman-job-server gearman-tools gearman Architecture: source amd64 all Version: 1.0.6-5 Distribution: unstable Urgency: medium Maintainer: Stig Sandbeck Mathisen <s...@debian.org> Changed-By: Stig Sandbeck Mathisen <s...@debian.org> Description: gearman - Distributed job queue gearman-job-server - Job server for the Gearman distributed job queue gearman-tools - Tools for the Gearman distributed job queue libgearman-dbg - transitional dummy package libgearman-dev - Development files for the Gearman Library libgearman-doc - API Documentation for the Gearman Library libgearman7 - Library providing Gearman client and worker functions libgearman7-dbg - Debug symbols for the Gearman Client Library Closes: 774143 Changes: gearmand (1.0.6-5) unstable; urgency=medium . * [db0b16d] Add patch to fix endless loop on bad http request. Thanks to Alexei Pastuchov (Closes: #774143) Checksums-Sha1: 52bd90128f2f343a6fad58d4793bf6224a23d499 2684 gearmand_1.0.6-5.dsc d00dda31a40c5552f410e0cfc3aee5fe641c679b 16748 gearmand_1.0.6-5.debian.tar.xz 517e27130a4d4d531217ad6288fc1c660195b542 66890 libgearman7_1.0.6-5_amd64.deb 117b9e22e96f0484f01f79271360900e0dbc2813 188746 libgearman-dev_1.0.6-5_amd64.deb 170eaa27e50b8f8ae5d676d27c8dd71b77788356 12890 libgearman-dbg_1.0.6-5_all.deb 05e03d1a65545eb330d6763b73db72b76da64fff 1781132 libgearman7-dbg_1.0.6-5_amd64.deb 5734a574a727a7ebc440fe92f7bbbcfef851f7db 3199556 libgearman-doc_1.0.6-5_all.deb fc479ae4c25ab01e2c847dc68b081ac239d5875f 122308 gearman-job-server_1.0.6-5_amd64.deb 5248d62aa9b47b783bca61c092ca262fe3bc5df4 51358 gearman-tools_1.0.6-5_amd64.deb 66624ef2abc9047a49a60ba51c830508c9fd410a 13034 gearman_1.0.6-5_all.deb Checksums-Sha256: 0f7d8439a489c83088e44578e2ba6add4327941475f8833730a803c023453e7f 2684 gearmand_1.0.6-5.dsc 70f39fdf849d821ce475cde98df490fd410a75154215f212af2b97c6322ec8ad 16748 gearmand_1.0.6-5.debian.tar.xz 8ba7606d71caaf3b85044bb82c37ee9e54c005b23d764330e2b2f9e8279d00fa 66890 libgearman7_1.0.6-5_amd64.deb 41b37efbf941fea91198d3bcad2ec03330ba81943ff521ffdb473b90fea36b2b 188746 libgearman-dev_1.0.6-5_amd64.deb 23fb0ffca99502e2e1488a4f0ec355ce5ad76e4517bae50953d577eaadd477a3 12890 libgearman-dbg_1.0.6-5_all.deb 16bdb7cafc03b1732a3be4483a9e35030d49b6512ec6bb7e60d47382b66ebae7 1781132 libgearman7-dbg_1.0.6-5_amd64.deb 25ad8de8556d537ee88d1c9441bc5e4b5f34cf8caf83c2422a61abe9bc84d8c4 3199556 libgearman-doc_1.0.6-5_all.deb 8a62d7eae9905056044f192792ea44778150dcf0bded2a8afd5fedf96a112fef 122308 gearman-job-server_1.0.6-5_amd64.deb 115c40dd81e1c6fd0fe07ad0200482ef265daf4047f70cc8a1ea7951a0c7cbdf 51358 gearman-tools_1.0.6-5_amd64.deb 7ec3acc9904d4ec284f7715b59b8b164558f2d4418f1d3d0e66d6d5977c75c11 13034 gearman_1.0.6-5_all.deb Files: 5fb2ed8aa19e371c5805ae74c1844e3d 2684 misc extra gearmand_1.0.6-5.dsc d2ab06ffa010543122aa9eb86a77a5fa 16748 misc extra gearmand_1.0.6-5.debian.tar.xz 7146bd161b6a57a21a932af878ae5851 66890 misc optional libgearman7_1.0.6-5_amd64.deb 45423cd15ae8f44dbade07e7301668f3 188746 libdevel extra libgearman-dev_1.0.6-5_amd64.deb 364002d855050ea149d55f94948c3f1c 12890 oldlibs extra libgearman-dbg_1.0.6-5_all.deb 3522cb1744c93a04650f4ef4c758860b 1781132 debug extra libgearman7-dbg_1.0.6-5_amd64.deb ca3986b6a9d7c7be6a85c95ecac67f44 3199556 doc extra libgearman-doc_1.0.6-5_all.deb 4de75398863ac6378d918d71328bac57 122308 misc extra gearman-job-server_1.0.6-5_amd64.deb 8f39b64afa0c7817004f39125375172c 51358 misc extra gearman-tools_1.0.6-5_amd64.deb 577bbcab7deaf111512baacc20b0eb81 13034 misc extra gearman_1.0.6-5_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJUq6NOAAoJEH26lYwcBVU4xSAQAKsbTJdcODuO+ZpxqsK5V1S2 f9T4dS/CCmwgA2kfG3Mm3xJkkAeJrfoUr+nUUAAOLjYNDLclgMZwdnNJNSflaEX2 hkPQBEOYWd/mv/Gp8azrRZGpBgv6rduywyVboGQrL4ESi/vOzfwe3SOVYwb+N8Rx csl2C8us6tzz0/5bYglde7EKVPjkUc1O9wPMmdvLkweVJsAPTKUQpzhGW7tAmOFi Q+4wp1Oea/DwToSfosbw285Ng2/VF+K3Vl/5oSuGFgvQZB9yMU44tDF5tYUVfW5f MVcX5/hk65qGttZz5muIzq6CrA8mVeILTuirS/BfU02ATPDe+xHzQsvmdinS06pw BIt8ZPcuUcEhadOKqYK40g16eHMoUY6IGJ5jIHCl7xl2J76VYfeGht+9tnYIn9Rv zY0o1DV4t8OXxyqkzVJq4+hHL2T/Aa0Q51ZHGyridk+1ulhLjIsAjRdEAEAsLMaX XxJafmg1BCjRQCIdZISuZ7FEIUjR0JrwAwTvoFbagLHlaauzFHaXeh8Rp6X0XRWo tiXxnbhvb/7HSUmO75nqpefs5F2SG6wmzInZD7PI/T54TU9I+rC+rr3txfwJlG8G S8rA0gEnV1Xi1j0U0gaGnE0ALkW4MfmKAv7nXSkiGuj8KPUKjHX556DPDfx26hRP q4liK90ntMN8J3sf/54a =QQFZ -----END PGP SIGNATURE-----
--- End Message ---
