Ciao Gianfranco On Thu, Jan 27, 2022 at 05:21:11PM +0000, Debian Bug Tracking System wrote: > This is an automatic notification regarding your Bug report > which was filed against the phpldapadmin package: > > #987355: CVE-2020-35132 > > It has been closed by Debian FTP Masters <ftpmas...@ftp-master.debian.org> > (reply to Gianfranco Costamagna <locutusofb...@debian.org>). > > Their explanation is attached below along with your original report. > If this explanation is unsatisfactory and you have not received a > better one in a separate message then please contact Debian FTP Masters > <ftpmas...@ftp-master.debian.org> (reply to Gianfranco Costamagna > <locutusofb...@debian.org>) by > replying to this email. > > > -- > 987355: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987355 > Debian Bug Tracking System > Contact ow...@bugs.debian.org with problems
> From: Debian FTP Masters <ftpmas...@ftp-master.debian.org> > Reply-To: Gianfranco Costamagna <locutusofb...@debian.org> > Date: Thu, 27 Jan 2022 17:19:45 +0000 > To: 987355-cl...@bugs.debian.org > Subject: Bug#987355: fixed in phpldapadmin 1.2.6.3-0.2 > Message-Id: <e1nd8qz-000f8m...@fasolo.debian.org> > > Source: phpldapadmin > Source-Version: 1.2.6.3-0.2 > Done: Gianfranco Costamagna <locutusofb...@debian.org> > > We believe that the bug you reported is fixed in the latest version of > phpldapadmin, which is due to be installed in the Debian FTP archive. > > A summary of the changes between this version and the previous one is > attached. > > Thank you for reporting the bug, which will now be closed. If you > have further comments please address them to 987...@bugs.debian.org, > and the maintainer will reopen the bug report if appropriate. > > Debian distribution maintenance software > pp. > Gianfranco Costamagna <locutusofb...@debian.org> (supplier of updated > phpldapadmin package) > > (This message was generated automatically at their request; if you > believe that there is a problem with it please contact the archive > administrators by mailing ftpmas...@ftp-master.debian.org) > > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > Format: 1.8 > Date: Thu, 27 Jan 2022 17:56:42 +0100 > Source: phpldapadmin > Architecture: source > Version: 1.2.6.3-0.2 > Distribution: unstable > Urgency: medium > Maintainer: Fabio Tranchitella <kob...@debian.org> > Changed-By: Gianfranco Costamagna <locutusofb...@debian.org> > Closes: 717205 834279 952635 987355 > Changes: > phpldapadmin (1.2.6.3-0.2) unstable; urgency=medium > . > * Non-maintainer upload > * Previous changelog also closed: > * Make build reproducible (Closes: #834279) > * Update to github new upstream release (Closes: #952635) > * Fix CVE-2020-35132 (Closes: #987355) I reopened the issue, due to https://github.com/leenooks/phpLDAPadmin/issues/137 . Can you check with upstream on the status for the correct fix for CVE-2020-35132? Thanks a lot already for your time! Regards, Salvatore
