Your message dated Fri, 02 Aug 2019 12:21:11 +0000 with message-id <e1htwyz-000hjk...@fasolo.debian.org> and subject line Bug#885338: fixed in undertow 2.0.23-1 has caused the Debian Bug report #885338, regarding CVE-2017-12165 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 885338: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885338 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: undertow Severity: important Tags: security The only source here is a report in Red Hat Bugzilla, so might be worth contacting upstream for additional information: https://bugzilla.redhat.com/show_bug.cgi?id=1490301 Cheers, Moritz
--- End Message ---
--- Begin Message ---Source: undertow Source-Version: 2.0.23-1 We believe that the bug you reported is fixed in the latest version of undertow, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 885...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Markus Koschany <a...@debian.org> (supplier of updated undertow package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 02 Aug 2019 12:11:14 +0200 Source: undertow Architecture: source Version: 2.0.23-1 Distribution: unstable Urgency: medium Maintainer: Debian Java Maintainers <pkg-java-maintain...@lists.alioth.debian.org> Changed-By: Markus Koschany <a...@debian.org> Closes: 885338 911796 930349 Changes: undertow (2.0.23-1) unstable; urgency=medium . * New upstream version 2.0.23. Fixes CVE-2017-12165, CVE-2019-3888, CVE-2019-10184 and CVE-2018-14642. (Closes: #885338, #930349, #911796 ) * Switch to debhelper-compat = 12. * Declare compliance with Debian Policy 4.4.0. Checksums-Sha1: ed3b895854dea2e4f23c55a22440af1bbbe483a9 2790 undertow_2.0.23-1.dsc 38bf8fcfe0ed800c5ba642930e0ddd07dec3c24b 1228528 undertow_2.0.23.orig.tar.gz 91fe1c483568089fd5fac4f5a13f93261c3fcd16 7656 undertow_2.0.23-1.debian.tar.xz 76d3835388c3a8bd1d3b8170ea5a91c76a0c4a30 14853 undertow_2.0.23-1_amd64.buildinfo Checksums-Sha256: 86057edddc98862fcbfa8e4525c56fca5849de5a96123e75de8669b0bf335e02 2790 undertow_2.0.23-1.dsc 203dab5c9b6696d2c0f7a448b68d8f8c40ce8174d35cc3892ed982fa5a5d7dec 1228528 undertow_2.0.23.orig.tar.gz 234382dd8dfc71ebbcb4c4586cb6754326c78ea853aac3ab05177bd190cf02a2 7656 undertow_2.0.23-1.debian.tar.xz 0318a5c79e4061b733bea44dbd1c5565f65e265bd99eb84b08f3cf92a064d337 14853 undertow_2.0.23-1_amd64.buildinfo Files: 95917a2541eed300e1f940b9f785d69f 2790 java optional undertow_2.0.23-1.dsc 9e03fda192b89bbf0f3e01177bcc3c9f 1228528 java optional undertow_2.0.23.orig.tar.gz 95adae4ba21cbdeb191d1a5a8c248052 7656 java optional undertow_2.0.23-1.debian.tar.xz 5945c023fd5bbc61f69f4bcb1e201114 14853 java optional undertow_2.0.23-1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAl1EIqdfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp YW4ub3JnAAoJENmtFLlRO1HkvKcP/3Q8adQC6NuG2uPS6h3hQmyqEmiPmcPDQ9rZ IChum7g9bSIS6uY6kR0eFjJRCTvMJxk4WJ4sPocyIyjUragOWRTawf//ym2/XJY7 n8tnDqs9YPcLu7PxKH8D7VMN86w4KjlwlbIFzzF9xE+I37csEc4Q3HWOepDyPElb 2dkM7IXhwCD69up4sSftxC4DzMQwjpFSqPLdZVlCQvg0Xc9MOA0R3aQZ2JUTZnnp l8SpUk+3Gsd3WzcQ1pzRyBWg6w4xvrhGqa3sitLp/zQDOTInPlL7CLk+xR6C5Yte Q9FYkbDWngqCAFnJnn5XFsvm7D3OdUjUIcJdDG/3cm4PUrRcC/DgROR3lfIa8pNt 4ORcfebLYKSzr7mSdDZgew/wSwOG00KiSN6o3trDX3vJ8AWPV2hAvMI1llhcgRok lDeFLuB1G9kDzdZHqGpJqd9Yc+P64rdQ6/UsU0TSTpwYgMQdsmv3VyN01X2qe8z6 GurIpnqeQODQZhmQDzqBm4hqnESIAcetpMvq8yc/XhLBLoNnro4f0Jla79vR9HAB zkz62q0R4nOChNcCLYGVxrFfNFunUICGBronFDGBx7hx+ZpVl5+B+kNt4iKeakbW Em1x1ZZ5dwgv3axkT1FSnPbfYp+M0CjMSW8re9gdgISiR8thcKcemxeAgeK77OFF rVTVgXtp =O271 -----END PGP SIGNATURE-----
--- End Message ---
__ This is the maintainer address of Debian's Java team <https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-java-maintainers>. Please use debian-j...@lists.debian.org for discussions and questions.
