Your message dated Fri, 31 Oct 2008 19:02:10 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#504121: fixed in dns2tcp 0.4.dfsg-4
has caused the Debian Bug report #504121,
regarding dns2tcp: Buffer overflow in dns_decode.c
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)
--
504121: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504121
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
--- Begin Message ---
Package: dns2tcp
Version: 0.4.dfsg-3
Severity: grave
Tags: security
Justification: user security hole
dns_decode.c contains a security flaw fixed in 0.4.2.
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.26-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages dns2tcp depends on:
ii libc6 2.7-15 GNU C Library: Shared libraries
dns2tcp recommends no packages.
dns2tcp suggests no packages.
-- no debconf information
--- End Message ---
--- Begin Message ---
Source: dns2tcp
Source-Version: 0.4.dfsg-4
We believe that the bug you reported is fixed in the latest version of
dns2tcp, which is due to be installed in the Debian FTP archive:
dns2tcp_0.4.dfsg-4.diff.gz
to pool/main/d/dns2tcp/dns2tcp_0.4.dfsg-4.diff.gz
dns2tcp_0.4.dfsg-4.dsc
to pool/main/d/dns2tcp/dns2tcp_0.4.dfsg-4.dsc
dns2tcp_0.4.dfsg-4_amd64.deb
to pool/main/d/dns2tcp/dns2tcp_0.4.dfsg-4_amd64.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Arnaud Cornet <[EMAIL PROTECTED]> (supplier of updated dns2tcp package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Fri, 31 Oct 2008 19:28:28 +0100
Source: dns2tcp
Binary: dns2tcp
Architecture: source amd64
Version: 0.4.dfsg-4
Distribution: unstable
Urgency: low
Maintainer: Arnaud Cornet <[EMAIL PROTECTED]>
Changed-By: Arnaud Cornet <[EMAIL PROTECTED]>
Description:
dns2tcp - TCP over DNS tunnel client and server
Closes: 504121
Changes:
dns2tcp (0.4.dfsg-4) unstable; urgency=low
.
* Add patch dnsbof.diff to fix a buffer overflow in dns_decode.c (Closes:
#504121).
* Add patch sysfix.diff that fixes chroot() and set?id() calls. Also
makes use of limits to prevent fork of the process.
Checksums-Sha1:
7186ea2f1818323ac02af38e1c3eba205a110b99 981 dns2tcp_0.4.dfsg-4.dsc
19861a78acb823cb8a5e6250fceeffc013b4aa7c 2396 dns2tcp_0.4.dfsg-4.diff.gz
ae43cbf99d2763d4b2e083809aa1e1aef8d382ed 31982 dns2tcp_0.4.dfsg-4_amd64.deb
Checksums-Sha256:
0c6df6a0298215c44cf3c80c5bd3ba41c0294a825bdcee9f95aa0dbf2be45705 981
dns2tcp_0.4.dfsg-4.dsc
13290704b0317cc25a91eaa8b3fca3194c94bbf685125b4de606e1c309c270f7 2396
dns2tcp_0.4.dfsg-4.diff.gz
a4892b8b1a3030a55c3b3becff0911510052ab7a64682a120f45c024be78832f 31982
dns2tcp_0.4.dfsg-4_amd64.deb
Files:
11872db94ae8033b08f0ef480209237e 981 net optional dns2tcp_0.4.dfsg-4.dsc
bd6bfab703bf297894ce180294f39709 2396 net optional dns2tcp_0.4.dfsg-4.diff.gz
fcc97eecdeb5eabce8bf1a6d5f862bbf 31982 net optional
dns2tcp_0.4.dfsg-4_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkkLUwMACgkQsk+dgCIlhI6qDwCeMDKVCt6P2X8Y/09/z2bxcf2C
ZgQAnimXibAq960ETGhrRJPhamZzTKo/
=Vd+o
-----END PGP SIGNATURE-----
--- End Message ---
