Your message dated Thu, 21 Jul 2016 02:13:46 +0200
with message-id <[email protected]>
and subject line ldapdiff was removed from Debian in 2011
has caused the Debian Bug report #306878,
regarding security hole in ldapdiff.conf path construction
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
306878: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=306878
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: ldapdiff
Version: 0.9.2-1
Severity: critical
Tags: security fixed-upstream
The change logs for ldapdiff report that a security hole in
ldapdiff.conf path construction was fixed in version 1.1.1
Upgrading to the current upstream version would both fix this security
hole as well as other bugs according to the upstream change logs.
Allan.
--- End Message ---
--- Begin Message ---
Version: 0.9.2-1.1+rm
ldapdiff was last released with Debian 6.0 (squeeze) in
February 2011 and removed from Debian sid/unstable later in 2011 (see
http://bugs.debian.org/519606 for details on the removal). Since
support for squeeze and squeeze-LTS has now ended, I'm closing all the
remaining bugs reported against this package.
Andreas
--- End Message ---
