Your message dated Thu, 19 Feb 2015 12:19:09 +0000
with message-id <e1yoq4t-0001la...@franck.debian.org>
and subject line Bug#775843: fixed in node-serve-static 1.6.4-2
has caused the Debian Bug report #775843,
regarding node-serve-static: CVE-2015-1164
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
775843: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775843
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: node-serve-static
Severity: grave
Tags: security
Justification: user security hole
Hi,
please see https://nodesecurity.io/advisories/serve-static-open-redirect
Cheers,
Moritz
--- End Message ---
--- Begin Message ---
Source: node-serve-static
Source-Version: 1.6.4-2
We believe that the bug you reported is fixed in the latest version of
node-serve-static, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 775...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Jérémy Lal <kapo...@melix.org> (supplier of updated node-serve-static package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Tue, 17 Feb 2015 00:00:03 +0100
Source: node-serve-static
Binary: node-serve-static
Architecture: source all
Version: 1.6.4-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Javascript Maintainers
<pkg-javascript-de...@lists.alioth.debian.org>
Changed-By: Jérémy Lal <kapo...@melix.org>
Description:
node-serve-static - static files server module for Node.js
Closes: 775843
Changes:
node-serve-static (1.6.4-2) unstable; urgency=medium
.
* Team upload.
* Upstream patch fixing CVE-2015-1164 (Closes: #775843).
Checksums-Sha1:
fee9571f01f192d152216dacb4ae95548456f4ba 2161 node-serve-static_1.6.4-2.dsc
ab897a592d71906aea250827e417caea851b71e2 3392
node-serve-static_1.6.4-2.debian.tar.xz
42a79632cc4cd1f5b1c73451c8e110316e2f46d0 7416 node-serve-static_1.6.4-2_all.deb
Checksums-Sha256:
a7e0bcb79b318cc103bb70767cbb9d057cd50f48a048ff2c2f9c2d6f2a9cd888 2161
node-serve-static_1.6.4-2.dsc
3ff3dcceae2e59b7da3360f5342aca0289fd3512e85d5f06c45935c670372408 3392
node-serve-static_1.6.4-2.debian.tar.xz
e07a3859b6dbd0d063709408b753389c67ac64136d3b2da77f78124ae3c3517c 7416
node-serve-static_1.6.4-2_all.deb
Files:
1412d2c57359a10d0a9dbfb190306fc2 2161 web extra node-serve-static_1.6.4-2.dsc
25742963b846d63ddacf6ab018d515e5 3392 web extra
node-serve-static_1.6.4-2.debian.tar.xz
f54b883862c22d679b757eba4d96e077 7416 web extra
node-serve-static_1.6.4-2_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCAAGBQJU5dGRAAoJEKO6uuJAjdbPfBoP/2u6xFiOZpatbPhu1yCprB1i
/3yP6ywbr/jraamnl+qf39Ye7Exuknkiho1JHWaPOS3jQqePN8FrhyE2Wpo2nv1Y
fZ2Kb7WE/c2ti6BSVKIvs2fMR7/6qS/FHxnPAZFyON6Zy6pv2ZM7nRKJMgfs16ep
Y4UzXFFfyRBrl/opSM6w+ecJWxyFGQkV4YgZ3V4QlMGspmqgMLYOa6EZQmZCf670
9290uNY/HdAAooCSXMTtSZQl+TXQh2AN1KqVf+sL4JGNWcrZaCKCzllXTey7GhA7
IONbquOcXL61YlhrrFEUyOCXgkXvMTTI2xsnRS7zKOiG+OzYDgG4n9oWGGAOpp8D
nsd5Fah1Z9PIFQDztlWCZkKh7W1GLzO4dScL62I4LXJRFLhTxK7B4Ys5ceI0P8L1
NprA8ThetCvTPj0urNuxlRhYfgH75YnAEdCjaZ9RAz/Zwff/WRbdLaAdwtHAm7FE
MshHShxbtIP3f1TMVasPHlkwdleQX4rhyMwyneYp+cC8M2FIjT1i7QZ/zItmpWpd
fS+AWo7YU+XCoKt5lPQxTgIhxCYve7FW64MOCzCMHJ2GeciCoYJFSZA0A3VmjQSU
1bwcgxWJTO/sqj9OXPq2qi4yu2JHh1xyYIFSxP1DdX/t7zLBeRyG8nbmc56qUwCI
iMSctaqzA1jnC/UfY+vY
=6O9x
-----END PGP SIGNATURE-----
--- End Message ---
