Your message dated Wed, 28 Sep 2005 02:02:11 -0700
with message-id <[EMAIL PROTECTED]>
and subject line Bug#327339: fixed in nikto 1.35-1
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 9 Sep 2005 09:52:37 +0000
>From [EMAIL PROTECTED] Fri Sep 09 02:52:37 2005
Return-path: <[EMAIL PROTECTED]>
Received: from (vserver151.vserver151.serverflex.de) [193.22.164.111]
by spohr.debian.org with esmtp (Exim 3.36 1 (Debian))
id 1EDfYj-000245-00; Fri, 09 Sep 2005 02:52:37 -0700
Received: from jmm by vserver151.vserver151.serverflex.de with local (Exim 4.50)
id 1EDfYe-0007rs-Gt
for [EMAIL PROTECTED]; Fri, 09 Sep 2005 11:52:32 +0200
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Moritz Muehlenhoff <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: CAN-2005-2860: Arbitrary webcode injection through XSS vulnerability
via
Server field of a HTTP response header
X-Mailer: reportbug 3.8
Date: Fri, 09 Sep 2005 11:52:32 +0200
Message-Id: <[EMAIL PROTECTED]>
X-SA-Exim-Connect-IP: <locally generated>
X-SA-Exim-Mail-From: [EMAIL PROTECTED]
X-SA-Exim-Scanned: No (on vserver151.vserver151.serverflex.de); SAEximRunCond
expanded to false
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE
autolearn=no version=2.60-bugs.debian.org_2005_01_02
Package: nitko
Version: 1.34-1
Severity: important
Tags: security
Please see http://marc.theaimsgroup.com/?l=bugtraq&m=112561344400914&w=2
for more information. The vulnerabilities have been fixed in 1.35.
Cheers,
Moritz
-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.4.29-vs1.2.10
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
---------------------------------------
Received: (at 327339-close) by bugs.debian.org; 28 Sep 2005 09:08:15 +0000
>From [EMAIL PROTECTED] Wed Sep 28 02:08:15 2005
Return-path: <[EMAIL PROTECTED]>
Received: from katie by spohr.debian.org with local (Exim 3.36 1 (Debian))
id 1EKXpL-0001Rf-00; Wed, 28 Sep 2005 02:02:11 -0700
From: Thomas Seyrat <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.56 $
Subject: Bug#327339: fixed in nikto 1.35-1
Message-Id: <[EMAIL PROTECTED]>
Sender: Archive Administrator <[EMAIL PROTECTED]>
Date: Wed, 28 Sep 2005 02:02:11 -0700
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
Source: nikto
Source-Version: 1.35-1
We believe that the bug you reported is fixed in the latest version of
nikto, which is due to be installed in the Debian FTP archive:
nikto_1.35-1.diff.gz
to pool/main/n/nikto/nikto_1.35-1.diff.gz
nikto_1.35-1.dsc
to pool/main/n/nikto/nikto_1.35-1.dsc
nikto_1.35-1_all.deb
to pool/main/n/nikto/nikto_1.35-1_all.deb
nikto_1.35.orig.tar.gz
to pool/main/n/nikto/nikto_1.35.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Thomas Seyrat <[EMAIL PROTECTED]> (supplier of updated nikto package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Wed, 28 Sep 2005 10:37:14 +0200
Source: nikto
Binary: nikto
Architecture: source all
Version: 1.35-1
Distribution: unstable
Urgency: low
Maintainer: Thomas Seyrat <[EMAIL PROTECTED]>
Changed-By: Thomas Seyrat <[EMAIL PROTECTED]>
Description:
nikto - web server security scanner
Closes: 327339
Changes:
nikto (1.35-1) unstable; urgency=low
.
* New upstream release (closes: #327339)
* Bumped Standards-Version to 3.6.2
* Updated upstream URL
* Moved upstream CHANGES.txt to /usr/share/nikto/plugins so it can
be updated by nikto -update, and link it from /usr/share/doc/nikto/
* Updated plugins and databases as of 20050928.
Files:
046c664863764fc123eac394b434da7f 559 net extra nikto_1.35-1.dsc
74beeb1b8a3c04a29655500a5b66da44 192642 net extra nikto_1.35.orig.tar.gz
9a90a1491cf90cf792971692e1e57553 18648 net extra nikto_1.35-1.diff.gz
ced6d3b434ee08b3ae60fd049513aab1 169338 net extra nikto_1.35-1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFDOla4G7q+HrSg3okRAoIdAJ9COwQV+wvuhUcdLZ5e2bUt3aEssQCeIqkY
QRcysyWD6JllS9BQ93ah1Q4=
=lWwd
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
