Bug#826728: marked as done (percona-toolkit: (CVE-2014-2029) scripts call back home and leak information)

Tue, 22 Nov 2016 07:09:53 -0800 

Your message dated Tue, 22 Nov 2016 15:07:40 +0000
with message-id <[email protected]>
and subject line Bug#826728: fixed in percona-toolkit 2.2.19-1
has caused the Debian Bug report #826728,
regarding percona-toolkit: (CVE-2014-2029) scripts call back home and leak 
information
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
826728: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=826728
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Package: percona-toolkit
Version: 2.2.11-1~dfsg1
Severity: grave
Tags: security

Hi!

This package contains many scripts which call back home to check for
a new upstream versions. In addition they also report back things such
as hostname and port and similar. It seems this was previously disabled
or removed due to CVE-2014-2029 (#740846), but the patch got lost
somewhere?

This affects the current stable/testing/unstable distributions AFAICS.

Thanks,
Guillem

--- End Message ---
--- Begin Message --- 
Source: percona-toolkit
Source-Version: 2.2.19-1

We believe that the bug you reported is fixed in the latest version of
percona-toolkit, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Dario Minnucci <[email protected]> (supplier of updated percona-toolkit package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 22 Nov 2016 15:11:22 +0100
Source: percona-toolkit
Binary: percona-toolkit
Architecture: source all
Version: 2.2.19-1
Distribution: unstable
Urgency: medium
Maintainer: Dario Minnucci <[email protected]>
Changed-By: Dario Minnucci <[email protected]>
Description:
 percona-toolkit - Command-line tools for MySQL and system tasks
Closes: 826728
Changes:
 percona-toolkit (2.2.19-1) unstable; urgency=medium
 .
   * New upstream release (2.2.19)
   * Add preconfigured /etc/percona-toolkit/percona-toolkit.conf file
     to disable the 'version-check' functionality which is enabled by
     default in upstream code.
     This method is valid to disable the 'version-check' functionality
     on other percona-toolkit versions. (Closes: #826728)
   * debian/control:
     - Fix Vcs-Git and Vcs-Browser URLs
Checksums-Sha1:
 3d967b577dbd3f6b76c366591280e5b0fbeab1af 1998 percona-toolkit_2.2.19-1.dsc
 4f901335d208b1f97bc5db7a5908f7ecafab29f6 1425623 
percona-toolkit_2.2.19.orig.tar.gz
 b0c2ff57ac12de0c67dd36a2e77a78f83294f063 5728 
percona-toolkit_2.2.19-1.debian.tar.xz
 e15c714cbdccf9e0df79e5cb70c8f6a48c62f9c1 744322 
percona-toolkit_2.2.19-1_all.deb
 2c4973095a36a09d9c4349970be22d16c15d0502 4799 
percona-toolkit_2.2.19-1_amd64.buildinfo
Checksums-Sha256:
 f15bf7aea2253ad8879e3798150d46989b24c62575c43e8bd79a52cd0bd2256d 1998 
percona-toolkit_2.2.19-1.dsc
 e9f4d4730265813fa7a39ed8799d12ca5775c8e5d6fa27ff48bae11db0f7e671 1425623 
percona-toolkit_2.2.19.orig.tar.gz
 e1d19bb6d8547a2bbd58f6756e0b5ab8f4cfa743316cb1146239f5b3474aea8d 5728 
percona-toolkit_2.2.19-1.debian.tar.xz
 4884014df385fba4a27f6cd55ec0c6f881b7afa93529b64aff3ee8433b0b51a4 744322 
percona-toolkit_2.2.19-1_all.deb
 8bd4da237ca6a5451ac342a478961be9596f7ad253337db796117fbae69544b3 4799 
percona-toolkit_2.2.19-1_amd64.buildinfo
Files:
 9287b1f6342a6792a1f403eb51105693 1998 utils optional 
percona-toolkit_2.2.19-1.dsc
 598653ec1412e4c6f9e74d1af62e4bf1 1425623 utils optional 
percona-toolkit_2.2.19.orig.tar.gz
 7788369a9d260aae82efa9f8d64e8790 5728 utils optional 
percona-toolkit_2.2.19-1.debian.tar.xz
 771f3d5c673298b711dd32f836bc1a28 744322 utils optional 
percona-toolkit_2.2.19-1_all.deb
 9a064d43455ceef2d7c028395f45935e 4799 utils optional 
percona-toolkit_2.2.19-1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJGBAEBCAAwFiEEuqF6r7IdZWfUV9Z9qC+7g/PVcDMFAlg0UsYSHG1pZGdldEBk
ZWJpYW4ub3JnAAoJEKgvu4Pz1XAzV2EP/20taLups6ZtwAsT/uadO0rbpVqTdhcZ
THkxaAjISmq5IEVHnR8V5x6DR+tBPu54aGiaFrQgC1cWNTHBQHsj7ST17FrYaamQ
VvZluTsVwdl3aLxZoOqStILBhoDBOpf2roNjnrcB28HKAx6F0ZJl7TDUO/+ElRPT
xF4i1CjxwP/WHZtiQWCXBS7EmXNBkA2Q+436GTxDdDRhbacyI3TPzhPXDJ+6BULk
aNEfD0Qljcs/e20Af8IBZISlzKqPQ0GPC9KjBLUsyvoXBg5xDoPziDYuiVSqhl6B
3JAztFFIFkBzJgEDnJiRnT1eZ1oA1t8sB30anrlfKQjsr8ZRKhnMEqvMaLXzbcoJ
DEZV+2No97gwRVpi/rzlunjlRr14F150KGf6eSs/oqQKF53A5m7CaCWHT7QvV68/
qqUFguQqFDFqn6n7SPWlqk+b2izyR4lxURfJct38rdZKVp87zCw/r/o/IPEVyEbx
gFuI3CwQUc9DMtya7U3yGR4qX1ZP4z4EOrF5rm1a723JxuwYXH81NUAj5uDG88LG
YTkvJMoGkivD583p5FcFF724746W+s6UfGQxdiIcs7ZQA3Bq3XpgNEzBzB9BK2dS
lG5aVM9SvX2YxnY1+gaGtRhZYM4E6F4dRb41wjQ9XUnep6hTzzp/bb9E2H7iHttb
DxhmXvipSXfY
=7QxQ
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to