Your message dated Sun, 25 Dec 2005 06:47:10 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#244673: fixed in mailman 2.1.6-1
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 19 Apr 2004 12:58:54 +0000
>From [EMAIL PROTECTED] Mon Apr 19 05:58:54 2004
Return-path: <[EMAIL PROTECTED]>
Received: from aktaia.intevation.org (albunea.hq) [212.95.126.10]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1BFYMP-0003D0-00; Mon, 19 Apr 2004 05:58:54 -0700
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Bernhard Reiter <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: mailman: apply important fixes
Bcc: Bernhard Reiter <[EMAIL PROTECTED]>
X-Mailer: reportbug 2.48
Date: Mon, 19 Apr 2004 14:59:30 +0200
Message-Id: <[EMAIL PROTECTED]>
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_30,HAS_PACKAGE
autolearn=no version=2.60-bugs.debian.org_2004_03_25
X-Spam-Level:
X-CrossAssassin-Score: 1
Package: mailman
Version: 2.1.4-4
Severity: important
Tags: security
Mailman 2.1.4 has several important bugs:
Security relevant: Mailman breaks message signatures
for S/MIME and OpenPGP cases.
This is a security problem, because
users will learn this and are more likely
to attribute real manipulation to Mailman
instead noticing them.
Important, because data loss possible.:
Mailman scrubs some text message parts under certain conditions
when archiving. The data cannot be seen in the HTML archive
and might also not be in the mbox archive, it is lost.
Important: Mailman List-ID might violate the standard RFC.
And the List-ID should not change much, users will be annoyed.
I wrote two patches and put them together with the third one on:
ftp.intevation.de/users/bernhard/mailman
(Each patch has its own description in the top
including the corresponding updstream bug numbers.)
Yes I am running this combination of patches successfully
with on a site with Debian (internal packaging name 2.1.4-4ber1).
Bernhard
---------------------------------------
Received: (at 244673-close) by bugs.debian.org; 25 Dec 2005 14:51:51 +0000
>From [EMAIL PROTECTED] Sun Dec 25 06:51:51 2005
Return-path: <[EMAIL PROTECTED]>
Received: from katie by spohr.debian.org with local (Exim 4.50)
id 1EqX9S-0001zN-DH; Sun, 25 Dec 2005 06:47:10 -0800
From: Lionel Elie Mamane <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.65 $
Subject: Bug#244673: fixed in mailman 2.1.6-1
Message-Id: <[EMAIL PROTECTED]>
Sender: Archive Administrator <[EMAIL PROTECTED]>
Date: Sun, 25 Dec 2005 06:47:10 -0800
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-CrossAssassin-Score: 3
Source: mailman
Source-Version: 2.1.6-1
We believe that the bug you reported is fixed in the latest version of
mailman, which is due to be installed in the Debian FTP archive:
mailman_2.1.6-1.diff.gz
to pool/main/m/mailman/mailman_2.1.6-1.diff.gz
mailman_2.1.6-1.dsc
to pool/main/m/mailman/mailman_2.1.6-1.dsc
mailman_2.1.6-1_sparc.deb
to pool/main/m/mailman/mailman_2.1.6-1_sparc.deb
mailman_2.1.6.orig.tar.gz
to pool/main/m/mailman/mailman_2.1.6.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Lionel Elie Mamane <[EMAIL PROTECTED]> (supplier of updated mailman package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160
Format: 1.7
Date: Sun, 25 Dec 2005 15:13:36 +0100
Source: mailman
Binary: mailman
Architecture: source sparc
Version: 2.1.6-1
Distribution: unstable
Urgency: low
Maintainer: Mailman for Debian <[EMAIL PROTECTED]>
Changed-By: Lionel Elie Mamane <[EMAIL PROTECTED]>
Description:
mailman - Powerful, web-based mailing list manager
Closes: 244673 244699 311414 343029
Changes:
mailman (2.1.6-1) unstable; urgency=low
.
* The "Quick, quick, upload before upstream releases a new version" release
* New upstream release: (closes: #311414)
New release packaging work:
- Drop patches integrated upstream (or same fix in another way):
handle-from-in-non-ascii
75_danish_options_traceback
73_list-id_strict_rfc
69_python24_bouncehandler_datetime
65_donot_add_empty_cc
57_fix_missing_da_template
04_CAN-2005-0202
03_CAN-2004-1143
02_CAN-2004-1177_driver_css
- Upstream doesn't ship README.{EXIM,POSTFIX} anymore: Drop their patch
- Update patches
62_new_list_bad_pending_requests
64_correct_html_nesting
68_translation_update_nl
70_invalid_utf8_dos.dpatch
99_js_templates
Bugs fixed upstream:
- Possible data loss in archives (closes: #244699)
* Don't fold headers in attachments (closes: #244673)
This avoids breaking cryptographic signatures
* Warn that list passwords are broken on upgrade from 2.0 (closes: #343029)
Files:
e4e6456ba10c6f8d94c289e7762397c4 738 mail optional mailman_2.1.6-1.dsc
4e0f9d09c1553bd1a0a5327052179ca2 6482726 mail optional
mailman_2.1.6.orig.tar.gz
addf55484dbf9bfc0b021c34d51d4560 191965 mail optional mailman_2.1.6-1.diff.gz
079b89ff0bce69bd023d284c393133a1 7676726 mail optional
mailman_2.1.6-1_sparc.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iEYEAREDAAYFAkOurwMACgkQscRzFz57S3N6LgCdEzLr9woAqN8XVRIDiqFHUaCB
IRkAoMFLc0rUlql5rcrGrTS1dKRQjgGp
=qh14
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
