Your message dated Mon, 25 Jul 2005 13:52:58 +1000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#317989: dar-static: CAN-2005-2096: Linked staticly to zlib
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 12 Jul 2005 18:18:31 +0000
>From [EMAIL PROTECTED] Tue Jul 12 11:18:31 2005
Return-path: <[EMAIL PROTECTED]>
Received: from smtp-3.hut.fi [130.233.228.93]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DsPKx-0006Il-00; Tue, 12 Jul 2005 11:18:31 -0700
Received: from localhost (katosiko.hut.fi [130.233.228.115])
by smtp-3.hut.fi (8.12.10/8.12.10) with ESMTP id j6CIHxwu007698
for <[EMAIL PROTECTED]>; Tue, 12 Jul 2005 21:17:59 +0300
Received: from smtp-3.hut.fi ([130.233.228.93])
by localhost (katosiko.hut.fi [130.233.228.115]) (amavisd-new, port 10024)
with LMTP id 09391-28-4 for <[EMAIL PROTECTED]>;
Tue, 12 Jul 2005 21:17:59 +0300 (EEST)
Received: from dhcp-4-241.debconf5.net (a130-233-4-241.debconf5.hut.fi
[130.233.4.241])
by smtp-3.hut.fi (8.12.10/8.12.10) with ESMTP id j6CICgfY007120
for <[EMAIL PROTECTED]>; Tue, 12 Jul 2005 21:12:42 +0300
Subject: dar-static: CAN-2005-2096: Linked staticly to zlib
From: Kurt Roeckx <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Content-Type: text/plain
Date: Tue, 12 Jul 2005 20:13:09 +0200
Message-Id: <[EMAIL PROTECTED]>
Mime-Version: 1.0
X-Mailer: Evolution 2.0.4
Content-Transfer-Encoding: 7bit
X-TKK-Virus-Scanned: by amavisd-new-2.1.2-hutcc at katosiko.hut.fi
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
Package: dar-static
Version: 2.2.1-1
Severity: important
Tags: security
Hi,
You dar-static package is linked staticly against zlib which recently
had a security bug fixed. See CAN-2005-2096 and DSA-740.
Note that you might have fixed it in unstable already with the 2.2.1-2
version depending on the version of zlib you used to build it, but
atleast stable is still affected.
Kurt
---------------------------------------
Received: (at 317989-close) by bugs.debian.org; 25 Jul 2005 03:53:03 +0000
>From [EMAIL PROTECTED] Sun Jul 24 20:53:03 2005
Return-path: <[EMAIL PROTECTED]>
Received: from snoopy.microcomaustralia.com.au [202.173.153.89]
by spohr.debian.org with esmtp (Exim 3.36 1 (Debian))
id 1Dwu1X-0002D4-00; Sun, 24 Jul 2005 20:53:03 -0700
Received: from localhost (localhost [127.0.0.1])
by snoopy.microcomaustralia.com.au (Postfix) with ESMTP id 16D84D8F7F;
Mon, 25 Jul 2005 13:53:02 +1000 (EST)
Received: from snoopy.microcomaustralia.com.au ([127.0.0.1])
by localhost (snoopy [127.0.0.1]) (amavisd-new, port 10024) with LMTP
id 19770-02; Mon, 25 Jul 2005 13:52:58 +1000 (EST)
Received: by snoopy.microcomaustralia.com.au (Postfix, from userid 10003)
id 0D989D8E96; Mon, 25 Jul 2005 13:52:58 +1000 (EST)
Date: Mon, 25 Jul 2005 13:52:58 +1000
From: Brian May <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Re: Bug#317989: dar-static: CAN-2005-2096: Linked staticly to zlib
Message-ID: <[EMAIL PROTECTED]>
References: <[EMAIL PROTECTED]> <[EMAIL PROTECTED]> <[EMAIL PROTECTED]> <[EMAIL
PROTECTED]>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <[EMAIL PROTECTED]>
User-Agent: Mutt/1.5.9i
X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at snoopy.apana.org.au
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
On Thu, Jul 14, 2005 at 11:27:51AM +1000, Brian May wrote:
> I wouldn't have thought so.
>
> It could potentially be used anywhere tar.gz is used, but I don't know
> of anyone who actually uses it for that purpose.
>
> Generally it is used for backups.
>
> Somebody please correct me if I am wrong.
Nobody has contradicted me and justified that this is a security issue.
As such, I don't consider this to be a bug that needs fixing.
I am closing this bug report.
--
Brian May <[EMAIL PROTECTED]>
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
