Your message dated Sat, 5 Feb 2005 23:50:02 +1000 (EST)
with message-id <[EMAIL PROTECTED]>
and subject line Closing
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 15 Dec 2004 22:13:22 +0000
>From [EMAIL PROTECTED] Wed Dec 15 14:13:22 2004
Return-path: <[EMAIL PROTECTED]>
Received: from albireo.enyo.de [212.9.189.169]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1CehOc-0000TD-00; Wed, 15 Dec 2004 14:13:22 -0800
Received: from deneb.enyo.de ([212.9.189.171])
by albireo.enyo.de with esmtp id 1CehOa-0006Tb-TK
for [EMAIL PROTECTED]; Wed, 15 Dec 2004 23:13:20 +0100
Received: from fw by deneb.enyo.de with local (Exim 4.43)
id 1CehOa-0000to-PR; Wed, 15 Dec 2004 23:13:20 +0100
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Florian Weimer <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: php4: 4.3.10 fixes important security holes
X-Mailer: reportbug 3.4
Date: Wed, 15 Dec 2004 23:13:20 +0100
Message-Id: <[EMAIL PROTECTED]>
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE
autolearn=no version=2.60-bugs.debian.org_2004_03_25
X-Spam-Level:
Package: php4
Version: 4:4.3.9-2
Severity: grave
Tags: security upstream
Justification: user security hole
PHP 4.3.10 fixes several security bugs. The relevant part of the
release announcement follows.
stable might be affected, too. Let's hope vendor-sec has already sorted
this one out. 8-)
From: Ilia Alshanetsky <[EMAIL PROTECTED]>
Subject: [ANNOUNCE] PHP 4.3.10 & 5.0.3 Released!
To: [EMAIL PROTECTED]
Date: Wed, 15 Dec 2004 16:00:42 -0500
Message-ID: <[EMAIL PROTECTED]>
Enyo-Status: asn=7859
PHP Development Team would like to announce the immediate release of PHP
4.3.10 and 5.0.3. These are maintenance releases that in addition to
non-critical bug fixes address several very serious security issues.
These include the following:
CAN-2004-1018 - shmop_write() out of bounds memory write access.
CAN-2004-1018 - integer overflow/underflow in pack() and unpack() functions.
CAN-2004-1019 - possible information disclosure, double free and
negative reference index array underflow in deserialization code.
CAN-2004-1020 - addslashes not escaping \0 correctly.
CAN-2004-1063 - safe_mode execution directory bypass.
CAN-2004-1064 - arbitrary file access through path truncation.
CAN-2004-1065 - exif_read_data() overflow on long sectionname.
magic_quotes_gpc could lead to one level directory traversal with file
uploads.
All Users of PHP are strongly encouraged to upgrade to this release as
soon as possible.
[...]
---------------------------------------
Received: (at 285845-done) by bugs.debian.org; 5 Feb 2005 13:50:34 +0000
>From [EMAIL PROTECTED] Sat Feb 05 05:50:33 2005
Return-path: <[EMAIL PROTECTED]>
Received: from loki.0c3.net [69.0.240.48]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1CxQKX-0001nE-00; Sat, 05 Feb 2005 05:50:33 -0800
Received: from localhost
([127.0.0.1] helo=mail.0c3.net ident=www-data)
by loki.0c3.net with esmtp (Exim 4.34)
id 1CxQK2-0002w0-J7
for [EMAIL PROTECTED]; Sat, 05 Feb 2005 06:50:02 -0700
Received: from 210.11.154.230
(SquirrelMail authenticated user adconrad)
by mail.0c3.net with HTTP;
Sat, 5 Feb 2005 23:50:02 +1000 (EST)
Message-ID: <[EMAIL PROTECTED]>
Date: Sat, 5 Feb 2005 23:50:02 +1000 (EST)
Subject: Closing
From: "Adam Conrad" <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
User-Agent: SquirrelMail/1.5.1 [CVS]
MIME-Version: 1.0
Content-Type: text/plain;charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
X-SA-Exim-Connect-IP: 127.0.0.1
X-SA-Exim-Mail-From: [EMAIL PROTECTED]
X-SA-Exim-Scanned: No (on loki.0c3.net); SAEximRunCond expanded to false
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=1.7 required=4.0 tests=BAYES_30,ONEWORD,
PRIORITY_NO_NAME autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: *
Closing this bug, as Joey has indicated it's not relevant to woody, and
sid and sarge have both been fixed.
... Adam
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
