Bug#655495: marked as done (CVE-2011-4605: DoS)

Sun, 15 Jan 2012 11:18:43 -0800 

Your message dated Sun, 15 Jan 2012 19:17:28 +0000
with message-id <e1rmva4-00085q...@franck.debian.org>
and subject line Bug#655495: fixed in activemq 5.5.0+dfsg-5
has caused the Debian Bug report #655495,
regarding CVE-2011-4605: DoS
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
655495: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=655495
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message --- 
Source: activemq
Severity: grave
Tags: security

This is CVE-2011-4605

Please see here for details and patches:
http://openwall.com/lists/oss-security/2011/12/25/2

Cheers,
        Moritz

--- End Message ---
--- Begin Message --- 
Source: activemq
Source-Version: 5.5.0+dfsg-5

We believe that the bug you reported is fixed in the latest version of
activemq, which is due to be installed in the Debian FTP archive:

activemq_5.5.0+dfsg-5.debian.tar.gz
  to main/a/activemq/activemq_5.5.0+dfsg-5.debian.tar.gz
activemq_5.5.0+dfsg-5.dsc
  to main/a/activemq/activemq_5.5.0+dfsg-5.dsc
activemq_5.5.0+dfsg-5_all.deb
  to main/a/activemq/activemq_5.5.0+dfsg-5_all.deb
libactivemq-java-doc_5.5.0+dfsg-5_all.deb
  to main/a/activemq/libactivemq-java-doc_5.5.0+dfsg-5_all.deb
libactivemq-java_5.5.0+dfsg-5_all.deb
  to main/a/activemq/libactivemq-java_5.5.0+dfsg-5_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 655...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Damien Raude-Morvan <draz...@debian.org> (supplier of updated activemq package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sun, 15 Jan 2012 19:38:21 +0100
Source: activemq
Binary: libactivemq-java libactivemq-java-doc activemq
Architecture: source all
Version: 5.5.0+dfsg-5
Distribution: unstable
Urgency: high
Maintainer: Debian Java Maintainers 
<pkg-java-maintainers@lists.alioth.debian.org>
Changed-By: Damien Raude-Morvan <draz...@debian.org>
Description: 
 activemq   - Java message broker - server
 libactivemq-java - Java message broker core libraries
 libactivemq-java-doc - Java message broker core libraries - documentation
Closes: 655495
Changes: 
 activemq (5.5.0+dfsg-5) unstable; urgency=high
 .
   * Fix CVE-2011-4905 (potential Denial of Service) by backporting upstream
     patch on failover feature. (Closes: #655495).
   * Set urgency=high for security fix.
Checksums-Sha1: 
 0092b65d80a68c39ce743c816f59846169858603 3318 activemq_5.5.0+dfsg-5.dsc
 d654fd20fadbcfa6eca79a6cc3b5de3a06e2810c 16789 
activemq_5.5.0+dfsg-5.debian.tar.gz
 2751f97f28d67fd6e4bf8fe34953470234c53ca4 3615664 
libactivemq-java_5.5.0+dfsg-5_all.deb
 7f776012ed7db2070af051a240bad9f493fdf9e1 11535896 
libactivemq-java-doc_5.5.0+dfsg-5_all.deb
 97b9e44a2f6c5f84de3331f5bf4898afa6a9b31d 52810 activemq_5.5.0+dfsg-5_all.deb
Checksums-Sha256: 
 d072c50d4638a1b0dd8f60b1354e6623cdc36b7ce7f81c9ee0bb45d871074414 3318 
activemq_5.5.0+dfsg-5.dsc
 0166e917896c62754a8fc202083880202e4bb68480ed0cf64511dfc35bd50a3e 16789 
activemq_5.5.0+dfsg-5.debian.tar.gz
 888ba7ae32062d36890c9093b72cc793638ca02ab5103306277901f2a9a01390 3615664 
libactivemq-java_5.5.0+dfsg-5_all.deb
 e32fdae75be20ae026d1a56dc9b8ad5d85f63d09146a4c185c649d40c234c211 11535896 
libactivemq-java-doc_5.5.0+dfsg-5_all.deb
 bf0734a782306a9549b697095373fa2d32aa52792891fae3c3caf84e38ccaec7 52810 
activemq_5.5.0+dfsg-5_all.deb
Files: 
 f256552e67eee232518c1a499bd6ae77 3318 java optional activemq_5.5.0+dfsg-5.dsc
 eeccc1c11fbc8f33a84322f19e30ae56 16789 java optional 
activemq_5.5.0+dfsg-5.debian.tar.gz
 a441393850b00237c86c4cac35f62d3f 3615664 java optional 
libactivemq-java_5.5.0+dfsg-5_all.deb
 334690338a461026dda1060e57a27d4a 11535896 doc optional 
libactivemq-java-doc_5.5.0+dfsg-5_all.deb
 6e0166e3939d74039ff7c221ebdf841b 52810 java optional 
activemq_5.5.0+dfsg-5_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAEBCAAGBQJPEyLtAAoJEHXiDM0z50n84FEQAJ71fynSOou2JJIN+VR5iCXD
akJzTUIn3LsmHJMzVO4HdpDV8bGRBhkV8W5Aj6aPVV6qgnSdn6t27YS3WtMrvxt1
5xbHqfgbZ4C/OhkPyE/XP0dZF8cHSh6MimqliKY6YDOU1DZrYdBDqcukcUZ5oVg4
kDhxOo/1qxpl89sxnVCCN0v7fPqgone8mmx3jG/lLGVpdejVAwSFk0oKDxSEMh+3
Czf0VkJVPf110PgUDnxIY471ZoPG4hkzs2aayCbp7t0EiLsu9CsTosSdcIZZrwUb
JNtwJEfNAsPb59YGsMK1x6QAtRaVHXjrRdARYfMAPWIlFTI9T0GTp/zItEvtii12
CyO/nmHnVCC54l/lzInowkX5i3Z8185gm02Uz0OZTzjrNxC05WloXV0LCUwtTgR8
ZYKCTUbIIW4EdPiHX74UrF2dEM0UVgrQTtfuqUHK2uXO7hXIRnXuwgeMl18p4upC
H5VRoS1XiMiHLh6Z7Z5Nq21o5grYB2G9zLiOI6deJHDPiX5X8UJd4mM+ocJzW8qX
Cdj8f6wsoKUERYpkiwUjOBUzyGEN3v9wjpjtRflG0pSqNAro+bcHBMUhYOXh6zmY
UI2w3/lZKcZdwTl3w27d3P1X7W1xcdKlCg/1yt0n9K/ivR+0sVgysfsCMU4CJVHx
DTcJtr2MJDBSvmqQJbws
=JdjI
-----END PGP SIGNATURE-----

--- End Message ---
__
This is the maintainer address of Debian's Java team
<http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers>. 
Please use
debian-j...@lists.debian.org for discussions and questions.

Reply via email to