Your message dated Sat, 27 Apr 2024 15:10:34 +0000 with message-id <e1s0jhc-00csvb...@fasolo.debian.org> and subject line Bug#718949: fixed in libdata-uuid-perl 1.227-1 has caused the Debian Bug report #718949, regarding libdata-uuid-perl: CVE-2013-4184: symlink attacks vulnerability to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 718949: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718949 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: libdata-uuid-perl Version: 1.219-1 Severity: important Tags: security upstream Hi CVE-2013-4184 was assigned to a symlink attack vulnerability for Data::UUID. See http://marc.info/?l=oss-security&m=137525838315067&w=2 and https://github.com/rjbs/Data-UUID/issues/5 Regards, Salvatore
--- End Message ---
--- Begin Message ---Source: libdata-uuid-perl Source-Version: 1.227-1 Done: gregor herrmann <gre...@debian.org> We believe that the bug you reported is fixed in the latest version of libdata-uuid-perl, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 718...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. gregor herrmann <gre...@debian.org> (supplier of updated libdata-uuid-perl package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 27 Apr 2024 15:43:19 +0200 Source: libdata-uuid-perl Architecture: source Version: 1.227-1 Distribution: unstable Urgency: medium Maintainer: Debian Perl Group <pkg-perl-maintain...@lists.alioth.debian.org> Changed-By: gregor herrmann <gre...@debian.org> Closes: 718949 Changes: libdata-uuid-perl (1.227-1) unstable; urgency=medium . * Team upload. * debian/watch: keep only one URL. * Import upstream version 1.227. - eliminated use of state/node files in temp directory, addressing CVE-2013-4184 Closes: #718949 * Update debian/upstream/metadata. * Declare compliance with Debian Policy 4.7.0. Checksums-Sha1: 834ae863b31aa884d0dc289baadc261ab7fc9afc 2384 libdata-uuid-perl_1.227-1.dsc d378507a46b381e8c384b18798a86bd7fe9047fd 16705 libdata-uuid-perl_1.227.orig.tar.gz d39630c20d64d092b261fcf4f71c52e644b8193d 3848 libdata-uuid-perl_1.227-1.debian.tar.xz Checksums-Sha256: 37978201bc2a60a1fdd06d5fb0dd4728fb068a3233191a13cd68ef2507fc5ba6 2384 libdata-uuid-perl_1.227-1.dsc 95bda7276265f57bc48ffdeddec5ef28cd6f765e3a183757fa5f09f0ce6b98ac 16705 libdata-uuid-perl_1.227.orig.tar.gz b75181410ade4906979f8aa57f2b2260ecdeae27e1d63334acbb071cbe1e41e7 3848 libdata-uuid-perl_1.227-1.debian.tar.xz Files: 70900eb35508f3907fa285e01b83f5ce 2384 perl optional libdata-uuid-perl_1.227-1.dsc 6463f46996e5f00beb57317e49e238b5 16705 perl optional libdata-uuid-perl_1.227.orig.tar.gz ec26813f8bccb8f29310d05cf35a49ba 3848 perl optional libdata-uuid-perl_1.227-1.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEE0eExbpOnYKgQTYX6uzpoAYZJqgYFAmYtAcBfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEQx RTEzMTZFOTNBNzYwQTgxMDREODVGQUJCM0E2ODAxODY0OUFBMDYACgkQuzpoAYZJ qgbmTBAAjzDuf21JrHNd2ZMsBSPPbIppUcky5s5l1Rf/J4gu6wTsdaIqqfDbiToN VQFdBRNNJsfroYXWWmt9lWI02OyOi9ykcPUGvhQCBL85qbZROqubcNCg10ZkSyRF +6QzlTnvSkj/CL913qFI7K4DdGXcWWPPuuPm2jA7iSQM7rvFoX+V1MbFOcZQFjWu mi+gVVqZZACROpXh3wXSH3evaHDN0EOafwV2wZtUEAHwi6Rw+2gykuqpPCXGXq87 GLrd1b7me/C/C64cNv5SvAfO+zZr2h/ZYTvjmjk/90AJNR5NHPuDk8Eba8vGFnjU EztydN0XuD+V8vQxmXf0lT7W93PAhogDdfsrT2r5hdkSi2M9LdYAxQ6hpmVxblqc 73deJqau/jeDfZt6l1S9dVcVEsb/VkxSRfjnMnOI9o6LIbjLn8fYrSNX1i+Mdnvv DnIuIsqAeXnKy/F914TVQh3Ca9GammjwYN1VPprbLO8net+Gqn/oOkCCmgFGPjJ0 QE4EuMuiSz0166le6HT5jBsCT+/IaQ4Lzljt739/7GPp2FtX9IEx3OFXoiVDPCRd s4zl5Il2F8FqIAyyYEWkbcfSiR2OE+oj5guYcFAzqRsGpW/S/rt+wbVIFnCsKd0e capqUgZARDL+WkG+WgmKmJGjiGeDLM2NKSWYag3BGNYcO9gN+hU= =SWTv -----END PGP SIGNATURE-----pgpNK8JCOyJDD.pgp
Description: PGP signature
--- End Message ---