Your message dated Fri, 16 Dec 2005 21:18:57 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#325444: fixed in affix 2.1.1-3
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 28 Aug 2005 18:56:05 +0000
>From [EMAIL PROTECTED] Sun Aug 28 11:56:05 2005
Return-path: <[EMAIL PROTECTED]>
Received: from (vserver151.vserver151.serverflex.de) [193.22.164.111]
by spohr.debian.org with esmtp (Exim 3.36 1 (Debian))
id 1E9SK5-0007Xv-00; Sun, 28 Aug 2005 11:56:05 -0700
Received: from dsl-082-082-138-168.arcor-ip.net ([82.82.138.168]
helo=localhost.localdomain)
by vserver151.vserver151.serverflex.de with esmtpsa
(TLS-1.0:RSA_AES_256_CBC_SHA:32)
(Exim 4.50)
id 1E9SJz-0006Ae-8T
for [EMAIL PROTECTED]; Sun, 28 Aug 2005 20:55:59 +0200
Received: from jmm by localhost.localdomain with local (Exim 4.52)
id 1E9SKX-0002M6-Gd; Sun, 28 Aug 2005 20:56:33 +0200
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Moritz Muehlenhoff <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: affix: Insecure usage of popen() in btsrv.c
X-Mailer: reportbug 3.16
Date: Sun, 28 Aug 2005 20:56:33 +0200
X-Debbugs-Cc: [EMAIL PROTECTED]
Message-Id: <[EMAIL PROTECTED]>
X-SA-Exim-Connect-IP: 82.82.138.168
X-SA-Exim-Mail-From: [EMAIL PROTECTED]
X-SA-Exim-Scanned: No (on vserver151.vserver151.serverflex.de); SAEximRunCond
expanded to false
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-11.0 required=4.0 tests=BAYES_00,HAS_PACKAGE,
X_DEBBUGS_CC autolearn=ham version=2.60-bugs.debian.org_2005_01_02
Package: affix
Severity: important
Tags: security
Please see http://www.digitalmunition.com/DMA[2005-0826a].txt
for full details of the advisory. A patch is available at
http://affix.sourceforge.net/patch_btsrv_affix_2_1_2
Cheers,
Moritz
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.12-rc5
Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15)
---------------------------------------
Received: (at 325444-close) by bugs.debian.org; 17 Dec 2005 05:21:47 +0000
>From [EMAIL PROTECTED] Fri Dec 16 21:21:47 2005
Return-path: <[EMAIL PROTECTED]>
Received: from katie by spohr.debian.org with local (Exim 4.50)
id 1EnUTB-0007lh-Qj; Fri, 16 Dec 2005 21:18:57 -0800
From: Mario Joussen <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.17 $
Subject: Bug#325444: fixed in affix 2.1.1-3
Message-Id: <[EMAIL PROTECTED]>
Sender: Archive Administrator <[EMAIL PROTECTED]>
Date: Fri, 16 Dec 2005 21:18:57 -0800
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
Source: affix
Source-Version: 2.1.1-3
We believe that the bug you reported is fixed in the latest version of
affix, which is due to be installed in the Debian FTP archive:
affix_2.1.1-3.diff.gz
to pool/main/a/affix/affix_2.1.1-3.diff.gz
affix_2.1.1-3.dsc
to pool/main/a/affix/affix_2.1.1-3.dsc
affix_2.1.1-3_i386.deb
to pool/main/a/affix/affix_2.1.1-3_i386.deb
libaffix-dev_2.1.1-3_i386.deb
to pool/main/a/affix/libaffix-dev_2.1.1-3_i386.deb
libaffix2_2.1.1-3_i386.deb
to pool/main/a/affix/libaffix2_2.1.1-3_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Mario Joussen <[EMAIL PROTECTED]> (supplier of updated affix package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Mon, 29 Aug 2005 15:59:48 +0200
Source: affix
Binary: libaffix2 libaffix-dev affix
Architecture: source i386
Version: 2.1.1-3
Distribution: stable-security
Urgency: high
Maintainer: Mario Joussen <[EMAIL PROTECTED]>
Changed-By: Mario Joussen <[EMAIL PROTECTED]>
Description:
affix - User space utilities for the Affix Bluetooth protocol stack
libaffix-dev - Development files for the Affix Bluetooth protocol stack
libaffix2 - Libraries for the Affix Bluetooth protocol stack
Closes: 325444
Changes:
affix (2.1.1-3) stable-security; urgency=high
.
* Security fix.
* Applied patch provided by upstream to fix poor use of popen() in
btsrv.
[CAN-2005-2716] (closes: Bug#325444)
Files:
616d043f1c72b3a8ebcae37e4a59fb98 669 net extra affix_2.1.1-3.dsc
34af8e6b1d20d99d01427f7da5c777ef 415816 net extra affix_2.1.1.orig.tar.gz
0914c96291c7bf8a4bbf5d05e5dc74c5 81959 net extra affix_2.1.1-3.diff.gz
87f0ced911c009e8cad63b1f1f517e0d 84952 net extra affix_2.1.1-3_i386.deb
6c1a4dde54ea88022052473c1385418d 59644 libs optional libaffix2_2.1.1-3_i386.deb
e98b76db0c1be17fd0a0fad388580e28 63360 libdevel extra
libaffix-dev_2.1.1-3_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFDFAONMHtSKdKmuBARAgnzAJ0VVsh5JniFmOee8v9jnKKRgB/6jQCdGqdF
Iqp65MEt4Cnvcce2+aadohw=
=Oc5f
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
