Your message dated Sat, 06 Aug 2016 16:22:34 +0000
with message-id <[email protected]>
and subject line Bug#833467: fixed in python-hpack 2.3.0-1
has caused the Debian Bug report #833467,
regarding python-hpack: CVE-2016-6581
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
833467: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=833467
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: python-hpack
Version: 2.2.0-1
Severity: important
Tags: security upstream patch fixed-upstream

Hi,

the following vulnerability was published for python-hpack.

CVE-2016-6581[0]:
HPACK Bomb

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2016-6581
[1] https://github.com/python-hyper/hpack/pull/56

Regards,
Salvatore

--- End Message ---
--- Begin Message ---
Source: python-hpack
Source-Version: 2.3.0-1

We believe that the bug you reported is fixed in the latest version of
python-hpack, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Sebastien Delafond <[email protected]> (supplier of updated python-hpack package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 06 Aug 2016 08:28:46 -0700
Source: python-hpack
Binary: python-hpack python3-hpack
Architecture: source all
Version: 2.3.0-1
Distribution: unstable
Urgency: medium
Maintainer: Sebastien Delafond <[email protected]>
Changed-By: Sebastien Delafond <[email protected]>
Description:
 python-hpack - Pure-Python HTTP/2 header encoding (HPACK)
 python3-hpack - Pure-Python3 HTTP/2 header encoding (HPACK)
Closes: 833467
Changes:
 python-hpack (2.3.0-1) unstable; urgency=medium
 .
   * Imported Upstream version 2.3.0 (Closes: #833467, CVE-2016-6581)
Checksums-Sha1:
 6dfcf411d2581c22229684ed1fe14de61d06fd3d 1720 python-hpack_2.3.0-1.dsc
 7e9a9261c49ca46980407cf346e995668f619a60 3437860 
python-hpack_2.3.0.orig.tar.bz2
 a85dedcb06fde2db53a4dd73afe2ba9a791d9740 2112 
python-hpack_2.3.0-1.debian.tar.xz
 43b9338a316e4bc1c6caf2ac5f2a1ba02097032a 41470 python-hpack_2.3.0-1_all.deb
 553c30b8f71a02bd3fc94f42f0a01db4d89b57e6 38924 python3-hpack_2.3.0-1_all.deb
Checksums-Sha256:
 ed73952f2c948f6b75d5106e4868aa419805633663d56f6ee3a5df411bf16235 1720 
python-hpack_2.3.0-1.dsc
 87a8df2ae284896a491ac4dbd7276237c763f57c45062c43baf50e228b139b21 3437860 
python-hpack_2.3.0.orig.tar.bz2
 f7ca0c4ad9cc087ef7f55004ba0d3ae2f3bbc12e0e866fd9ce5983f1b0281430 2112 
python-hpack_2.3.0-1.debian.tar.xz
 4ba3bb0aec41be8f244b3108e1a794babced509ce4f4d0133260b4c64af70526 41470 
python-hpack_2.3.0-1_all.deb
 4f0bc8eaa206715df19d90a5e269321f553ca6076788d37ff3dd22a2c6ec38e1 38924 
python3-hpack_2.3.0-1_all.deb
Files:
 49a36cfab19ae71efb3de7de37145b58 1720 python optional python-hpack_2.3.0-1.dsc
 402af9567e1551a9528059ddd807d689 3437860 python optional 
python-hpack_2.3.0.orig.tar.bz2
 f777956c24907063ab3a5ffa781e1700 2112 python optional 
python-hpack_2.3.0-1.debian.tar.xz
 ee03fca970884aa437a5e8387d7761bc 41470 python optional 
python-hpack_2.3.0-1_all.deb
 c4cd3f50376edd5a2308e55a124b6129 38924 python optional 
python3-hpack_2.3.0-1_all.deb

-----BEGIN PGP SIGNATURE-----

iQEcBAEBCgAGBQJXpgW1AAoJEBC+iYPz1Z1kwTkH/iqXhsvyiTsm2BWINCZ5pikt
DNTof9Km6xVULM4s/0+ciJ/rRpqaDIBPQpbesQgN5dKDW9Aki4yp/FoQycBXXfuj
G0nqTIyFaIFM9DvoPp04H72ltxOVVt/svrV5rV3xyWnRALTtqKmuwzCCh8R32ZB5
wCbgnpdDdGuMIwipZRIWnw0sqUfonfTBkfJFUL5aLGPjd45UH4HfmqrmW6JtpJFl
FQpTwdzkKqUdG4taTIuRyg1IkBEdWdn5RX0D293+STE4XykNEqv9UyNEUHPMhpkW
XcPGnLyR0ci1obfEP7gYrzm3COZ72+dDPf+pxVl3sQY6MAAcsMmKSgj03pG6o68=
=KYiA
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to