Your message dated Wed, 12 Oct 2016 17:11:18 +0300
with message-id <>
and subject line Closing Mantis bugs
has caused the Debian Bug report #778528,
regarding mantis: Fix for CVE-2014-8986 is not included in debian mantis 
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact

Debian Bug Tracking System
Contact with problems
--- Begin Message ---
Package: mantis
Severity: normal
Tags: patch

Dear Maintainer,

Debian reports CVE-2014-8986 as being fixed. This is incorrect, the patch for 
CVE-2014-8986 was not included in a release.

Details of the vulnerability and associated patch are available at

-- System Information:
Debian Release: 7.8
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

--- End Message ---
--- Begin Message ---
Version: 1.2.18-1+deb7u1+rm

Dear submitter,

the package mantis has been removed from the Debian unstable some 
time ago, and since mantis is not covered by the LTS security support
for wheezy there is no release where it is still security supported.

I therefore close the open bug reports in mantis.

We are sorry that we couldn't deal with your issue properly.

For details on the removal, please see



       "Is there not promise of rain?" Ling Tan asked suddenly out
        of the darkness. There had been need of rain for many days.
       "Only a promise," Lao Er said.
                                       Pearl S. Buck - Dragon Seed

--- End Message ---

Reply via email to