Your message dated Tue, 01 Nov 2005 06:17:10 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#303217: fixed in acidlab 0.9.6b20-13
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 5 Apr 2005 13:41:06 +0000
>From [EMAIL PROTECTED] Tue Apr 05 06:41:06 2005
Return-path: <[EMAIL PROTECTED]>
Received: from (power.o3.net) [203.69.106.171]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DIoIk-00077X-00; Tue, 05 Apr 2005 06:41:06 -0700
Received: from localhost (localhost [127.0.0.1])
by power.o3.net (Postfix) with ESMTP id 1F21F7270B;
Tue, 5 Apr 2005 21:41:04 +0800 (CST)
Received: from power.o3.net ([127.0.0.1])
by localhost (power [127.0.0.1]) (amavisd-new, port 10024) with LMTP
id 03422-05-2; Tue, 5 Apr 2005 21:41:01 +0800 (CST)
Received: by power.o3.net (Postfix, from userid 1000)
id DAA2272819; Tue, 5 Apr 2005 21:41:01 +0800 (CST)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: "Daniel C. Chao" <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: acidlab: Year fields missing 2005 in multiple places
X-Mailer: reportbug 3.9
Date: Tue, 05 Apr 2005 21:41:01 +0800
Message-Id: <[EMAIL PROTECTED]>
X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at o3.net
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
Package: acidlab
Version: 0.9.6b20-10
Severity: normal
Year 2005 is missing from multiple places where you can select a year.
Here's a list I've found:
acid_state_citems.inc
acid_stat_time.php
acid_graph_main.php
-- System Information:
Debian Release: 3.1
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.8-2-686
Locale: LANG=zh_TW, LC_CTYPE=zh_TW (charmap=BIG5)
Versions of packages acidlab depends on:
ii acidlab-mysql 0.9.6b20-10 Analysis Console for Intrusion Dat
ii apache [httpd] 1.3.33-4 versatile, high-performance HTTP s
ii debconf 1.4.47 Debian configuration management sy
ii libphp-adodb 4.52-1 The 'adodb' database abstraction l
ii libphp-phplot 4.4.6+5.0rc1-2 The graphic library for PHP
ii php4 4:4.3.10-10 server-side, HTML-embedded scripti
ii php4-cli 4:4.3.10-10 command-line interpreter for the p
ii php4-gd 4:4.3.10-10 GD module for php4
ii wwwconfig-common 0.0.43 Debian web auto configuration
-- debconf information:
* acidlab/alert_host: localhost
* acidlab/webserver: Apache
acidlab/archive_port:
* acidlab/archive_name: snort_archive
* acidlab/db_type: mysql
* acidlab/acidlab_advisory:
* acidlab/archive_host: localhost
* acidlab/alert_user: root
* acidlab/archive_user: root
acidlab/alert_port:
* acidlab/alert_name: snort_log
---------------------------------------
Received: (at 303217-close) by bugs.debian.org; 1 Nov 2005 14:18:10 +0000
>From [EMAIL PROTECTED] Tue Nov 01 06:18:10 2005
Return-path: <[EMAIL PROTECTED]>
Received: from katie by spohr.debian.org with local (Exim 3.36 1 (Debian))
id 1EWwwo-0005ys-00; Tue, 01 Nov 2005 06:17:10 -0800
From: Javier Fernandez-Sanguino Pen~a <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.56 $
Subject: Bug#303217: fixed in acidlab 0.9.6b20-13
Message-Id: <[EMAIL PROTECTED]>
Sender: Archive Administrator <[EMAIL PROTECTED]>
Date: Tue, 01 Nov 2005 06:17:10 -0800
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-CrossAssassin-Score: 6
Source: acidlab
Source-Version: 0.9.6b20-13
We believe that the bug you reported is fixed in the latest version of
acidlab, which is due to be installed in the Debian FTP archive:
acidlab-doc_0.9.6b20-13_all.deb
to pool/main/a/acidlab/acidlab-doc_0.9.6b20-13_all.deb
acidlab-mysql_0.9.6b20-13_all.deb
to pool/main/a/acidlab/acidlab-mysql_0.9.6b20-13_all.deb
acidlab-pgsql_0.9.6b20-13_all.deb
to pool/main/a/acidlab/acidlab-pgsql_0.9.6b20-13_all.deb
acidlab_0.9.6b20-13.diff.gz
to pool/main/a/acidlab/acidlab_0.9.6b20-13.diff.gz
acidlab_0.9.6b20-13.dsc
to pool/main/a/acidlab/acidlab_0.9.6b20-13.dsc
acidlab_0.9.6b20-13_all.deb
to pool/main/a/acidlab/acidlab_0.9.6b20-13_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Javier Fernandez-Sanguino Pen~a <[EMAIL PROTECTED]> (supplier of updated
acidlab package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sun, 30 Oct 2005 22:05:35 +0100
Source: acidlab
Binary: acidlab-doc acidlab-pgsql acidlab acidlab-mysql
Architecture: source all
Version: 0.9.6b20-13
Distribution: unstable
Urgency: high
Maintainer: Jeremy T. Bouse <[EMAIL PROTECTED]>
Changed-By: Javier Fernandez-Sanguino Pen~a <[EMAIL PROTECTED]>
Description:
acidlab - Analysis Console for Intrusion Databases
acidlab-doc - Analysis Console for Intrusion Databases (documentation)
acidlab-mysql - Analysis Console for Intrusion Databases for MySQL
acidlab-pgsql - Analysis Console for Intrusion Databases for Postgres
Closes: 155212 247730 270171 303217 307712 314566 315135 331732
Changes:
acidlab (0.9.6b20-13) unstable; urgency=high
.
* Patch [013] SECURITY fix:
- Add proper filtering in all ImportHTTP variables using either the new
functions to check for numeric/alphanumeric chars or the filterSql()
function to prevent SQL injection attacks. This patch fixes CVE-2005-3325
but also other attack vectors not mentioned in the initial advisory
(http://www.frsirt.com/english/advisories/2005/2188)
* Patch [014] Updated dates of php selections up to 2007
* Changed patch [010]: fix locations of Nessus
* New patch [015]: fix location of Snort database, provided alternative
Ports lookup and added alternative locations for DNS queries (Closes:
#315135)
* Fixed FSF address in debian/copyright
* Patch [016]: Allow graphic data to be represented until 2007. This patch
together with patch [014] means that acid's last date is 2007 which should
be
enough since we are going to replace it with BASE in the short term
(Closes: #314566, #307712, #303217, #270171)
* Document the changes that need to be done in order to extend the available
year options (Closes: #247730)
* Added a debian/TODO to describe how to fix the issue with new years with a
simple for each loop.
* Acidlab now depends on "| debconf-2.0" as requested by Joey Hess, I
changed debian/packages instead of debian/control this time (Closes:
#331732)
* To reduce the risk of possible vulnerabilities in the code, made the
default apache.conf allow access only from localhost and document this in
the README file
* Document the fact that this version is actually 0.9.6b20+patches from the
latest upstream release 0.9.6b23 and that the later will never be
released. (Closes: #155212)
* Added the upstream homepage to all package descriptions.
Files:
738b1a585919b2b924e24fbb34ce3be7 840 web extra acidlab_0.9.6b20-13.dsc
7b39c7253ad82010d391af41e4c97d14 354649 web extra acidlab_0.9.6b20-13.diff.gz
379034fb2cff2fdfa89544ed970337ed 5212 web extra
acidlab-mysql_0.9.6b20-13_all.deb
9ef04ab7465ea79030e1a0730162dd8c 5212 web extra
acidlab-pgsql_0.9.6b20-13_all.deb
70d81053834bee5af9efe9a47a2b2b69 276742 web extra
acidlab-doc_0.9.6b20-13_all.deb
2a3bc0f45d4b6f7afbdc760715676563 663152 web extra acidlab_0.9.6b20-13_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iQCVAwUBQ2dxS/tEPvakNq0lAQI/TAQAqHql26lFMOqn1tMtptBx3NB8fO/UwSSq
Mvr/eQHkw6b1g3ep3P5EwMh7pPzVHphUVsV8HFUXCRcYWllxYS99bir7mNWrJmvh
eoBowIV/siRUUdZrNrrDQLbDW7ACgW05yE9yBBbHNw4cp9hVTbBVE1GWZv6BK6wJ
kn3TycSBiQc=
=fuif
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
