Your message dated Tue, 15 Apr 2008 16:29:53 -0400
with message-id <[EMAIL PROTECTED]>
and subject line pgp5i has been removed from Debian, closing #275670
has caused the Debian Bug report #275670,
regarding PGP multiple user ID attack
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)
--
275670: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=275670
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
--- Begin Message ---
Package: pgp5i
Version: 5.0-8
Florian Weimer wrote:
> I've checked in the meantime. The RNG issue has been been fixed, but
> the UID issues (see <http://www.bluering.nl/pgp/useridbug.txt>, for
> example) are not addressed. I haven't tested PGP 5, but the
> vulnerability is definitely present in other versions, even back to
> 2.6.3in, so it's unlikely that pgp5i is magically unaffected.
Regards,
Joey
--
The good thing about standards is that there are so many to choose from.
-- Andrew S. Tanenbaum
Please always Cc to me when replying to me on the lists.
--- End Message ---
--- Begin Message ---
Version: 5.0-8+rm
The pgp5i package has been removed from Debian testing, unstable and
experimental, so I am now closing the bugs that were still opened
against it.
Don't hesitate to reply to this mail if you have any question.
Thank you for your contribution to Debian.
Barry deFreese
--- End Message ---
