Bug#789162: marked as done (aptdaemon: CVE-2015-1323: information disclosure via simulate dbus method)

[Debian Bug Tracking System]

Your message dated Sun, 13 Mar 2016 21:35:33 +0000
with message-id <e1afdfh-0007lw...@franck.debian.org>
and subject line Bug#789162: fixed in aptdaemon 0.45-2+deb7u1
has caused the Debian Bug report #789162,
regarding aptdaemon: CVE-2015-1323: information disclosure via simulate dbus 
method
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
789162: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=789162
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Source: aptdaemon
Version: 1.1.1-4
Severity: grave
Tags: security upstream

Hi,

the following vulnerability was published for aptdaemon, which AFICS
as well affects Debian.

CVE-2015-1323[0]:
information disclosure via simulate dbus method

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2015-1323
[1] http://www.ubuntu.com/usn/usn-2648-1/
[2] https://bugs.launchpad.net/ubuntu/+source/aptdaemon/+bug/1449587

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

--- End Message ---

--- Begin Message ---

Source: aptdaemon
Source-Version: 0.45-2+deb7u1

We believe that the bug you reported is fixed in the latest version of
aptdaemon, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 789...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Guido Günther <a...@sigxcpu.org> (supplier of updated aptdaemon package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Mon, 29 Feb 2016 08:33:47 +0100
Source: aptdaemon
Binary: aptdaemon python-aptdaemon python-aptdaemon.test aptdaemon-data 
python-aptdaemon-gtk python-aptdaemon.pkcompat python-aptdaemon.gtkwidgets 
python-aptdaemon.gtk3widgets
Architecture: source all
Version: 0.45-2+deb7u1
Distribution: oldstable-proposed-updates
Urgency: medium
Maintainer: Julian Andres Klode <j...@debian.org>
Changed-By: Guido Günther <a...@sigxcpu.org>
Description: 
 aptdaemon  - transaction based package management service
 aptdaemon-data - data files for clients
 python-aptdaemon - Python module for the server and client of aptdaemon
 python-aptdaemon-gtk - Transitional dummy package
 python-aptdaemon.gtk3widgets - Python GTK+ 3 widgets to run an aptdaemon client
 python-aptdaemon.gtkwidgets - Python GTK+ 2 widgets to run an aptdaemon client
 python-aptdaemon.pkcompat - PackageKit compatibilty for AptDaemon
 python-aptdaemon.test - Test environment for aptdaemon clients
Closes: 789162
Changes: 
 aptdaemon (0.45-2+deb7u1) oldstable-proposed-updates; urgency=medium
 .
   * Non maintainer upload
   * Add CVE-2015-1323.patch to address CVE-2015-1323 - taken from
     0.43+bzr805-0ubuntu10 (Closes: #789162)
Checksums-Sha1: 
 7055fbddda2b7f804eb561b5ab3422dea00379d3 2545 aptdaemon_0.45-2+deb7u1.dsc
 8e6ebcd396b4ffbe2901ca68b4625594ebb8a8c7 18952 
aptdaemon_0.45-2+deb7u1.debian.tar.xz
 b69772e774c49c00f1ea2a3349aa77a4faefa060 277740 aptdaemon_0.45-2+deb7u1_all.deb
 a6e285621112b7ad9362876d166f95454308ef38 92584 
python-aptdaemon_0.45-2+deb7u1_all.deb
 1f1e0752373d480e52b39773e11a2c6f79b1f915 91818 
python-aptdaemon.test_0.45-2+deb7u1_all.deb
 4d06fbda00c53d6454ba2e2e1eb976920614d3e0 191212 
aptdaemon-data_0.45-2+deb7u1_all.deb
 5b5f12c72343bfa3f1d9fe7840999e365c5037d2 13500 
python-aptdaemon-gtk_0.45-2+deb7u1_all.deb
 3ca6efd93a0149f6421b1e588b3550993ed10e9a 41856 
python-aptdaemon.pkcompat_0.45-2+deb7u1_all.deb
 806bde63b02a844679943d2477b63c7c5e0bae6d 26504 
python-aptdaemon.gtkwidgets_0.45-2+deb7u1_all.deb
 f2ecf5eabdf21331bd7aa323d2e23cac3250f0a5 27450 
python-aptdaemon.gtk3widgets_0.45-2+deb7u1_all.deb
Checksums-Sha256: 
 9b0040a7c76489a01775ed72173bf2c6a695f454a2a5c6bb45b6563f4159907c 2545 
aptdaemon_0.45-2+deb7u1.dsc
 8b036b8297ee5964bb521522a543e33a9195e2751359a5965204395b5e21352c 18952 
aptdaemon_0.45-2+deb7u1.debian.tar.xz
 ba219a6c636fcd043a796f45a9e8799787a9b5612cc5536b30e8ed10d207eae2 277740 
aptdaemon_0.45-2+deb7u1_all.deb
 5f2c48a4c2aca3cec7f06159ed939295d27163cedaa21c33f9c73efd70cc7c15 92584 
python-aptdaemon_0.45-2+deb7u1_all.deb
 addba1924a95d4cfaf2a8d853fe8a820430f7dd489ad37c205c6083e3b4534c9 91818 
python-aptdaemon.test_0.45-2+deb7u1_all.deb
 b9e8801f8d9a3e64984f32122a0d586a5b3f8a0bd6751bb0cfb65cda29c3525e 191212 
aptdaemon-data_0.45-2+deb7u1_all.deb
 4e734130c1ebdfbfa964e7f0b43afd554fb0f12aa8e6d78f77b435cd4e1cfd89 13500 
python-aptdaemon-gtk_0.45-2+deb7u1_all.deb
 3bc1c853f344b392eed9cde221163b88428f040fca752e216f0266dd229afb49 41856 
python-aptdaemon.pkcompat_0.45-2+deb7u1_all.deb
 41005c7165d174282e2b2f61a4cb029f152cdca28f903cc91e4315ed48b49e55 26504 
python-aptdaemon.gtkwidgets_0.45-2+deb7u1_all.deb
 8a7a33fec1bcd13955334cad8161edb011b82c790002d08bf3132d6ddb0db943 27450 
python-aptdaemon.gtk3widgets_0.45-2+deb7u1_all.deb
Files: 
 82816f03fc1136ff993febeeb0a36dd6 2545 admin extra aptdaemon_0.45-2+deb7u1.dsc
 5f869694011f075e7130cad3d40aa1dc 18952 admin extra 
aptdaemon_0.45-2+deb7u1.debian.tar.xz
 26512dea61cf0c0a98333bad34560f01 277740 admin extra 
aptdaemon_0.45-2+deb7u1_all.deb
 eb42df898231234be3178c0f3a492c42 92584 python extra 
python-aptdaemon_0.45-2+deb7u1_all.deb
 9510b25055647146625b73ab8f57947a 91818 python extra 
python-aptdaemon.test_0.45-2+deb7u1_all.deb
 1133010daf87c0aa14c91091c9f093b0 191212 admin extra 
aptdaemon-data_0.45-2+deb7u1_all.deb
 613ba2f09881eb2c5a33a2f1fe9bfeeb 13500 python extra 
python-aptdaemon-gtk_0.45-2+deb7u1_all.deb
 9780ff506828d8166c3f93ce4529c335 41856 python extra 
python-aptdaemon.pkcompat_0.45-2+deb7u1_all.deb
 52b793a99a2abea3b7a516d68b97e60e 26504 python extra 
python-aptdaemon.gtkwidgets_0.45-2+deb7u1_all.deb
 636e460cb3678b2ef224c384ce03f01d 27450 python extra 
python-aptdaemon.gtk3widgets_0.45-2+deb7u1_all.deb

-----BEGIN PGP SIGNATURE-----

iQIcBAEBCAAGBQJW5FJaAAoJEAe4t7DqmBILMJMP/jGVvp34Rf9jMSHTncOG/t6S
SPM57USaE7ecrCcWEaSgRPm04yZm/w/XX0I5WzfoSuKSLK2Tr3Pqwq3tp4fr7N4O
IeVeOEPI7y2xfBeA3xV3+f6M2PptSn24lr2Bm2GJ2dME9zHjQm7HG+ff7wcv+C0H
+0ujT/3A0+SvFz7urbR8sq5Nx53mh5Gp6+my9q9qimWkQZK6YvULZkJarDL2wC9/
vl5TBTVNlxnf/UaiqeTMdXfKgn+Ip+1ZAN9pCcltdx6SVR8jir3CUQA1yeQK0pCy
V/uBgNU4+rPa+7zUk16b/l1cVXflhgpC42yw3gR/uSyoXpMAWmkiOCRPLpcHOWzx
DDGoa8X9EwfWmQ9uyDbhKbA+zVsyjVnAO67hLG47ULT92FGupHzhL0LRNW4GTLga
c5yq4YKOcC2i0rqNNHY9Mrtm2Eb8Agom1YnY95CPaCuAMLY4a1VyNkp+QpgxIjl4
BaE6cfsFeSzDwpAtDU2dShd+R7FKBDGcseb/Nra1dfgGtTMyrKQvVfHUpD800Kmj
1rTd4qtP+FSa9fXHdqxqcI4+iVW1rSCvwJtgNMYCHNWk9GEVmPwPKC4cvhxvlh8E
6ovv3gwPKUFBm3emTj4J+7ki55+GgzHSl01ALix4QiWR12RUnltCNb6U7mX5KUhW
aG78iYcsZoNOkNdMX2Y4
=hLDv
-----END PGP SIGNATURE-----

--- End Message ---