Your message dated Sun, 13 Mar 2016 19:47:10 +0000
with message-id <e1afbyo-0002dj...@franck.debian.org>
and subject line Bug#789162: fixed in aptdaemon 1.1.1-4+deb8u1
has caused the Debian Bug report #789162,
regarding aptdaemon: CVE-2015-1323: information disclosure via simulate dbus
method
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
789162: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=789162
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: aptdaemon
Version: 1.1.1-4
Severity: grave
Tags: security upstream
Hi,
the following vulnerability was published for aptdaemon, which AFICS
as well affects Debian.
CVE-2015-1323[0]:
information disclosure via simulate dbus method
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2015-1323
[1] http://www.ubuntu.com/usn/usn-2648-1/
[2] https://bugs.launchpad.net/ubuntu/+source/aptdaemon/+bug/1449587
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: aptdaemon
Source-Version: 1.1.1-4+deb8u1
We believe that the bug you reported is fixed in the latest version of
aptdaemon, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 789...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Guido Günther <a...@sigxcpu.org> (supplier of updated aptdaemon package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 29 Feb 2016 21:13:01 +0100
Source: aptdaemon
Binary: aptdaemon python3-aptdaemon python-aptdaemon python3-aptdaemon.test
aptdaemon-data python-aptdaemon-gtk python3-aptdaemon.pkcompat
python-aptdaemon.gtkwidgets python3-aptdaemon.gtk3widgets
python-aptdaemon.gtk3widgets
Architecture: all source
Version: 1.1.1-4+deb8u1
Distribution: stable-proposed-updates
Urgency: medium
Maintainer: Julian Andres Klode <j...@debian.org>
Changed-By: Guido Günther <a...@sigxcpu.org>
Closes: 789162
Description:
aptdaemon-data - data files for clients
aptdaemon - transaction based package management service
python3-aptdaemon.gtk3widgets - Python 3 GTK+ 3 widgets to run an aptdaemon
client
python3-aptdaemon.pkcompat - PackageKit compatibilty for AptDaemon
python3-aptdaemon - Python 3 modules for the server and client of aptdaemon
python3-aptdaemon.test - Test environment for aptdaemon clients
python-aptdaemon.gtk3widgets - Python 2 GTK+ 3 widgets to run an aptdaemon
client
python-aptdaemon-gtk - Transitional dummy package
python-aptdaemon.gtkwidgets - Python GTK+ 2 widgets to run an aptdaemon client
python-aptdaemon - Python 2 modules for the server and client of aptdaemon
Changes:
aptdaemon (1.1.1-4+deb8u1) stable-proposed-updates; urgency=medium
.
* Non maintainer upload
* Add CVE-2015-1323.patch to address CVE-2015-1323 - taken from
1.1.1-1ubuntu5.2 (Closes: #789162)
Checksums-Sha1:
814a3bc18969c5b67caeb0a4ded4a8a56fc12928 3077 aptdaemon_1.1.1-4+deb8u1.dsc
978126e9b3fb799b89fca37d1b6fc8a605ff6e7a 27512
aptdaemon_1.1.1-4+deb8u1.debian.tar.xz
f379d43522587a5a31e87a0ef67b8a5a557b2c56 362346
aptdaemon_1.1.1-4+deb8u1_all.deb
106375d8e0d1080f195bcb3d40919bf61887830a 137440
python3-aptdaemon_1.1.1-4+deb8u1_all.deb
e087a5ed3a9f6a7f4b36d51cc1675c41a0342343 136818
python-aptdaemon_1.1.1-4+deb8u1_all.deb
53e89791b51721a3f418d9a3a3147a05a49f0a7e 157500
python3-aptdaemon.test_1.1.1-4+deb8u1_all.deb
eb74132fd0fbabdb7c607cc29a9e7ea81ed15966 251038
aptdaemon-data_1.1.1-4+deb8u1_all.deb
b2169cf39aed1e53ae0967f1140e3e225578ea79 73930
python-aptdaemon-gtk_1.1.1-4+deb8u1_all.deb
5321609c45479228dbecf6ae390077980bec3cbf 104652
python3-aptdaemon.pkcompat_1.1.1-4+deb8u1_all.deb
02a0036c4f634509900376b51bba9a5e7aac058d 84814
python-aptdaemon.gtkwidgets_1.1.1-4+deb8u1_all.deb
0cad2a2130307e27ee5d0556ae225e69a154d279 86022
python3-aptdaemon.gtk3widgets_1.1.1-4+deb8u1_all.deb
904944a87d1c8019a229ce7ee511e5b73a75f89f 85922
python-aptdaemon.gtk3widgets_1.1.1-4+deb8u1_all.deb
Checksums-Sha256:
fca8eb3c0624b21fe58fe7df07a927c752c97374d59833c2e30f0276a9adae5b 3077
aptdaemon_1.1.1-4+deb8u1.dsc
e33d835974c01abc642ba158502956a7a13be8e97d05ecab29a4202d25f16b9b 27512
aptdaemon_1.1.1-4+deb8u1.debian.tar.xz
7810f1963c7c7f32607eb3b30516ecaafd3f23b483d2cf065767b0bce7b58031 362346
aptdaemon_1.1.1-4+deb8u1_all.deb
302dcefb6d283e6d542c0226a0e84300c902ce98bb1c8c4b0c24c172965b263c 137440
python3-aptdaemon_1.1.1-4+deb8u1_all.deb
beb69c4beb0ac5981034e0e567a24a9a92727873b7f94ddce1d52aea17c07ac3 136818
python-aptdaemon_1.1.1-4+deb8u1_all.deb
a17e54cec79a4f8cf1eb14c081f2103ce1be2134ffbaab102a12aa043950bad7 157500
python3-aptdaemon.test_1.1.1-4+deb8u1_all.deb
837b380ed2441a93d90c99284f4cce56f03033bf098196d22e7c20e0aa7506a3 251038
aptdaemon-data_1.1.1-4+deb8u1_all.deb
12cd8ce36631bc850fd6614d422df01e7723e54028620574236c4a54780a823e 73930
python-aptdaemon-gtk_1.1.1-4+deb8u1_all.deb
2dce153fc673b84a27069d2e79e900f0757863dd713cfbe7e80041017c951270 104652
python3-aptdaemon.pkcompat_1.1.1-4+deb8u1_all.deb
213153e5a18b4819cd79a09e3c4f00a3633bd047adb202ef9609b5ee3edba8cd 84814
python-aptdaemon.gtkwidgets_1.1.1-4+deb8u1_all.deb
4d530ee9a89262cb1df17c739ecf5673bb15c9b516dc2e838a2269ab45c41cfa 86022
python3-aptdaemon.gtk3widgets_1.1.1-4+deb8u1_all.deb
ee6ead37237edf469e2c5958968d2cdbfb99a93c0524e40a994e232d3f06ffdc 85922
python-aptdaemon.gtk3widgets_1.1.1-4+deb8u1_all.deb
Files:
357b29aff75094ddd1925cad518b3142 3077 admin extra aptdaemon_1.1.1-4+deb8u1.dsc
bfc65617566e81617931d8a4801295d9 27512 admin extra
aptdaemon_1.1.1-4+deb8u1.debian.tar.xz
1cc0aa95753ec8b6cbcea44bc649dfb1 362346 admin extra
aptdaemon_1.1.1-4+deb8u1_all.deb
6314eb97a777520f38dec046a5f3c89a 137440 python extra
python3-aptdaemon_1.1.1-4+deb8u1_all.deb
9ea455210bc6176d78650a88f30b919b 136818 python extra
python-aptdaemon_1.1.1-4+deb8u1_all.deb
a316698168450ab6602c6799cd5fbe49 157500 python extra
python3-aptdaemon.test_1.1.1-4+deb8u1_all.deb
b6d3b84f742ded9565ad36c42beb97e1 251038 admin extra
aptdaemon-data_1.1.1-4+deb8u1_all.deb
032492014fb2dd7a79c5b885ec4348e3 73930 python extra
python-aptdaemon-gtk_1.1.1-4+deb8u1_all.deb
6fc27a1dcea88396539c9f136ba2fb53 104652 python extra
python3-aptdaemon.pkcompat_1.1.1-4+deb8u1_all.deb
380d5f5d1cd70701a567402b22e05d42 84814 python extra
python-aptdaemon.gtkwidgets_1.1.1-4+deb8u1_all.deb
69700e76f021ea700be0236ac8bd8966 86022 python extra
python3-aptdaemon.gtk3widgets_1.1.1-4+deb8u1_all.deb
1b12b95ffc365b2b70060d2dd3930492 85922 python extra
python-aptdaemon.gtk3widgets_1.1.1-4+deb8u1_all.deb
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCAAGBQJW5FT/AAoJEAe4t7DqmBIL7tQQAJiOn7Z6upInDLT5azMjE0pZ
RpmzuVp3patMsDNeHQjtnVo2//sxcOOXiSPORDRB7cWuSt/ka1KplSzvp27A+BMH
RveWBy42bzHrv7vfGr9nHTKY1invT+pF0QkPVj/WF5wUoP5qIBkteDBkC2UAmshu
eRLaBqkdBqwSBvVpcr7RhnTJHEr1WVySJnKZS5sMUJZ8gv/l8YMu9fOfOOAZuT0o
gahKNQ/d/Vg7tep5YWIzGS0GjgcL6XqCj3sl4NRZ7XEt4Y2PjYhYZ665jqnUO8Wd
vvhmU90Q+0lXpA2yrENELEiJDYQ1065HssYsiUgovB22LcEbhdlaA9zTB19spklj
r8Qzx7dGZvLwg/QKWYr6VOrD9Sv8PriehpEadHG8ttYCzBqxyh6MnRgOWefAMxPl
eiHcotzsbVYQXRhSIPbCGROoeMVjUqWDkie9TAcDtmqe15bKJGpVEY8ww+OtBuCF
jOqFwYy5QoCRuwWGeA+guhZyPRjJdxdQxUbZYrg+ejbEC77fmZO5M7dUOQukgzso
ZnMmjj0homIXgFom5Ge5Temnzu/Oz/CLmEpuNkspDvMs2UixIT6D9BiLl73/26QN
UIJf6ZM2JB4fqFSJM3/R1/u6cJREJFuyTntqZUkr4cZL7ZkM5scpRe6qF34QPgPn
K9OBaF8Fd7b4Iju7cZlt
=veKw
-----END PGP SIGNATURE-----
--- End Message ---