Your message dated Thu, 22 Mar 2007 11:17:02 +0000 with message-id <[EMAIL PROTECTED]> and subject line Bug#414830: fixed in ktorrent 2.0.3+dfsg1-2.1 has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database)
--- Begin Message ---Package: ktorrent Version: 2.0.3+dfsg1-2 Severity: grave Tags: security Justification: user security hole Hello Joel, long time no see... I guess some work lies ahead: | Bryan Burns of Juniper networks found 2 security vulnerabilities in | KTorrent. These have now been fixed in the 2.1.2 release. | | This is just 2.1.1 with these 2 fixes. It would be advisable to upgrade. as seen on <http://ktorrent.org/forum/viewtopic.php?t=1401>. This concerns <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1384> and <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1385>. Ubuntu Security Notice USN-436-1 has already been issued[0] on this matter. Even though these vulnerabilities don't affect the current stable release, they need to be fixed for the upcoming release "Etch". Please extract the relevant patches and apply them to ktorrent as currently present in unstable. Changes for non-release-critical issues are no longer accepted for Etch as per the latest release update[0], so please stick to just these necessary changes. Once a fixed package will have been uploaded we need to ask the release managers to allow propagation to Etch. Cheers, Flo [0] <http://www.ubuntu.com/usn/usn-436-1> [1] <http://lists.debian.org/debian-devel-announce/2007/03/msg00012.html>signature.asc
Description: Digital signature
--- End Message ---
--- Begin Message ---Source: ktorrent Source-Version: 2.0.3+dfsg1-2.1 We believe that the bug you reported is fixed in the latest version of ktorrent, which is due to be installed in the Debian FTP archive: ktorrent_2.0.3+dfsg1-2.1.diff.gz to pool/main/k/ktorrent/ktorrent_2.0.3+dfsg1-2.1.diff.gz ktorrent_2.0.3+dfsg1-2.1.dsc to pool/main/k/ktorrent/ktorrent_2.0.3+dfsg1-2.1.dsc ktorrent_2.0.3+dfsg1-2.1_amd64.deb to pool/main/k/ktorrent/ktorrent_2.0.3+dfsg1-2.1_amd64.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Pierre Habouzit <[EMAIL PROTECTED]> (supplier of updated ktorrent package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Thu, 22 Mar 2007 11:11:20 +0100 Source: ktorrent Binary: ktorrent Architecture: source amd64 Version: 2.0.3+dfsg1-2.1 Distribution: unstable Urgency: high Maintainer: Joel Johnson <[EMAIL PROTECTED]> Changed-By: Pierre Habouzit <[EMAIL PROTECTED]> Description: ktorrent - BitTorrent client for KDE Closes: 414830 414832 Changes: ktorrent (2.0.3+dfsg1-2.1) unstable; urgency=high . * Non-maintainer upload. * Fix security issue (Closes: 414832, 414830): + drop patch from #414832 in debian/patches. + use quilt as a patches management system to deal with it. + urgency set to high due to RC bugfix. Files: 0918857e98518996c891d6c0bcfd51f1 663 kde optional ktorrent_2.0.3+dfsg1-2.1.dsc e210f4dad18fcbcdd4d41dcad502557a 5544 kde optional ktorrent_2.0.3+dfsg1-2.1.diff.gz 4cea68a9ea4d948a5feeef658bdb02d1 1583504 kde optional ktorrent_2.0.3+dfsg1-2.1_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFGAmG0vGr7W6HudhwRAqvzAJ9rT2HhkzJ98Jff2xuDyk3WgylFuQCfUFaL t05wZTqC1eq46avtriUAkBY= =9iYO -----END PGP SIGNATURE-----
--- End Message ---