Your message dated Fri, 07 Dec 2012 09:32:45 +0000
with message-id <[email protected]>
and subject line Bug#692650: fixed in axis 1.4-16.2
has caused the Debian Bug report #692650,
regarding axis: CVE-2012-5784
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
692650: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692650
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: axis
Severity: grave
Tags: security
Justification: user security hole
CVE-2012-5784 has been assigned to Axis being affected by the issues
described in this paper: http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf
(See Section 8.1)
Cheers,
Moritz
--- End Message ---
--- Begin Message ---
Source: axis
Source-Version: 1.4-16.2
We believe that the bug you reported is fixed in the latest version of
axis, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Alberto Fernández Martínez <[email protected]> (supplier of updated axis package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Thu, 6 Dec 2012 14:28:00 +0100
Source: axis
Binary: libaxis-java libaxis-java-doc
Architecture: source all
Version: 1.4-16.2
Distribution: unstable
Urgency: low
Maintainer: Debian Java Maintainers
<[email protected]>
Changed-By: Alberto Fernández Martínez <[email protected]>
Description:
libaxis-java - SOAP implementation in Java
libaxis-java-doc - SOAP implementation in Java (documentation)
Closes: 692650
Changes:
axis (1.4-16.2) unstable; urgency=low
.
* Non-maintainer upload.
* Fix CVE-2012-5784 (Closes: #692650)
* Fix CN extraction from DN of X500 principal.
* Fix wildcard validation on ssl connections
Checksums-Sha1:
48f38fa463e1c0897a9e52c04ac691ffb195d7ae 1602 axis_1.4-16.2.dsc
8f578501c50e7d1a342ba40da7ada21f0508d896 11868 axis_1.4-16.2.debian.tar.gz
5bd1b2d03f2c53f044edc451ac6d171f05b6fd43 1494606 libaxis-java_1.4-16.2_all.deb
c9d5ceacfb918dd6f7feab2b8b287426dabbb04f 2036068
libaxis-java-doc_1.4-16.2_all.deb
Checksums-Sha256:
88dce098ba6314366bc365cd04897ae057e8b9d863b3a991d37a6c044fc6967a 1602
axis_1.4-16.2.dsc
a844225b1c10b50e59ff9ed295e9d01db4546451400eb611780e77e94878b227 11868
axis_1.4-16.2.debian.tar.gz
032d34c27629460224bed4ab314c4e1475af22633bb2e00bdfdbe56100f7d194 1494606
libaxis-java_1.4-16.2_all.deb
d7def35539b836ab97e408eb1a20058789a519cc02ac4cfb73d4d2bc82188781 2036068
libaxis-java-doc_1.4-16.2_all.deb
Files:
e4970d88f7ffbeca4944d92d15ab15f4 1602 java optional axis_1.4-16.2.dsc
16b495a03148b42d2ceec1e2a351b2e5 11868 java optional
axis_1.4-16.2.debian.tar.gz
9602c21a20bea96e5d901f1a4e0afccc 1494606 java optional
libaxis-java_1.4-16.2_all.deb
cabf67754524fa146cb1803efbc59987 2036068 doc optional
libaxis-java-doc_1.4-16.2_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iEYEARECAAYFAlDBtzAACgkQYDBbMcCf01rmegCeO+D1kGu17NdOSNWaD8CeJH1u
uRsAoJ9c8DzzWXirqDaVFvrJ43fENEUq
=oY9m
-----END PGP SIGNATURE-----
--- End Message ---
__
This is the maintainer address of Debian's Java team
<http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers>.
Please use
[email protected] for discussions and questions.
