Your message dated Sun, 15 Apr 2018 18:21:59 +0000 with message-id <e1f7mhn-0008qs...@fasolo.debian.org> and subject line Bug#895728: fixed in tlslite-ng 0.7.4-1 has caused the Debian Bug report #895728, regarding tlslite-ng: CVE-2018-1000159: Improper Validation of Integrity Check Value vulnerability to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 895728: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=895728 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: tlslite-ng Version: 0.5.1-1 Severity: important Tags: patch security upstream Forwarded: https://github.com/tomato42/tlslite-ng/pull/235 Hi, The following vulnerability was published for tlslite-ng. CVE-2018-1000159[0]: Improper Validation of Integrity Check Value vulnerability If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2018-1000159 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000159 [1] https://github.com/tomato42/tlslite-ng/pull/235 [2] https://github.com/tomato42/tlslite-ng/pull/235/commits/e5e9145558f4c1a81071c61c947aa55a52542585 Regards, Salvatore
--- End Message ---
--- Begin Message ---Source: tlslite-ng Source-Version: 0.7.4-1 We believe that the bug you reported is fixed in the latest version of tlslite-ng, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 895...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Daniel Stender <sten...@debian.org> (supplier of updated tlslite-ng package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 15 Apr 2018 19:51:41 +0200 Source: tlslite-ng Binary: python-tlslite-ng python3-tlslite-ng Architecture: source all Version: 0.7.4-1 Distribution: unstable Urgency: medium Maintainer: Daniel Stender <sten...@debian.org> Changed-By: Daniel Stender <sten...@debian.org> Description: python-tlslite-ng - pure Python implementation of SSL/TLS protocols python3-tlslite-ng - pure Python3 implementation of SSL/TLS protocols Closes: 895728 Changes: tlslite-ng (0.7.4-1) unstable; urgency=medium . * New upstream release (Closes: #895728). Includes fix of CVE-2018-1000159. * deb/control: bump standards to 4.1.4 (no changes needed). Checksums-Sha1: 3efd66e2750f100b4cea1cf2f82361d2150acdf5 2434 tlslite-ng_0.7.4-1.dsc c98cda90555ea17ae7cf31eb1fd3292be68641a9 239576 tlslite-ng_0.7.4.orig.tar.xz 78d0fdbc6af86ee8be1d08fa8b7e81ecacfa8e9c 5980 tlslite-ng_0.7.4-1.debian.tar.xz f6c257a3ae3a281db7ebb4eb2660be3fb187f7ac 148388 python-tlslite-ng_0.7.4-1_all.deb 4e351c435a57d897a717d8ce134b5cde7dd54d4e 148120 python3-tlslite-ng_0.7.4-1_all.deb 8b83fcd24d07024363274a5d6e1532ae7d013175 7552 tlslite-ng_0.7.4-1_amd64.buildinfo Checksums-Sha256: 82147e6eec06444235376b7c120aeb8c35aafb1c16dd04cf62727a2fe6f10a4e 2434 tlslite-ng_0.7.4-1.dsc d129162fd40418dd5124580c891efef8cabaccef36611879891d5057362604d4 239576 tlslite-ng_0.7.4.orig.tar.xz 62b79a19d65a99553b72a8ca1af860a5ecceae800eeaed79d39b667619f71f1d 5980 tlslite-ng_0.7.4-1.debian.tar.xz ae7c8d69d1dbb411d97a3b232bcec7d6b67a30d7229f06311884f8741657ca3f 148388 python-tlslite-ng_0.7.4-1_all.deb 1fde4856ad89149ec11ebae9b5cca826b8dfb52ff9151fee74292d3e123c5c45 148120 python3-tlslite-ng_0.7.4-1_all.deb 584a18588ec93c8c2628286d8749a51500ecdc55bf51b2cc8e53daf3c6cb00c8 7552 tlslite-ng_0.7.4-1_amd64.buildinfo Files: 96f592a474952aa7401f10c21a8c3c7d 2434 python optional tlslite-ng_0.7.4-1.dsc 7e313747a955bc9ea3c8088d1077ff11 239576 python optional tlslite-ng_0.7.4.orig.tar.xz 4460bc4249755c05df2ef36a16042e75 5980 python optional tlslite-ng_0.7.4-1.debian.tar.xz c070f428e47919f70aa6103a3c6cde19 148388 python optional python-tlslite-ng_0.7.4-1_all.deb a0d48b1b6d6c91a5d61e3e843cc144ba 148120 python optional python3-tlslite-ng_0.7.4-1_all.deb fd0544ef5f52a3cfd76a1f16da29a81d 7552 python optional tlslite-ng_0.7.4-1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEERsscqJ6jt0N2dh25FeCa9N9RgsgFAlrTkjoACgkQFeCa9N9R gsi9qw/8CG/+pFoHvcLbf6hmYy10x5BpWbRTmi2CGLJ0NwddBjYwwhmsc2U5ixS/ 2MniNLshZEtqOtYk7At5c+QFb0e/R0Q8TYj+oMYO2REE9Qoj1HFrUEzEP7k+Hg5C ibEIOPUQvGnhKMpcntyqGGPFkCg3EphbDPAWnF7+EBoeiKYc58pCrbGUQg+HOc9O KD60mtqeZ56jQmSVExyeiCkWPxA/D78tB/Ee92q4qcNsfF7Hh+jAYDA/2HjvUTFr beV+erTVcz42g8mOsk0yjBiVw9A+Jrs54C2gi4Sfn+1f6XDB0yRb5CUV/tETFRr9 jsmsla2DyJZtG2pXMNKw+XmgHj3xuoB8i3LjeGce1InvqFv53bMk1llIhcfGkWmV 5nRMYRuvF+Y/u3DlI/5S6JAtSx5Fe+NxVdCimo/n/d/avII4ayj5S2PcqlKqW7hw p8ilAb3tSLTqSWMaoJczdj1+0Sf61hQV2/pToudo15iQ993DQ3+mbs3WX6qc7izD NVQ97KP2a52i8dokgBJWaqhopPPi5gjf6Xa+nTTcB/ZoJwQe1A6BstuynABo90yZ NvWAavm6DdQefoiBIFqp3uPYyWqfdgrvduP4n+q0NKqbgFeR9R2opEiv0b8qVQLZ AcYUkPhUjG/gmsLoQe92J+tLVWHUw1W+AgkRcgkk+Wo5Oft84NE= =ohnl -----END PGP SIGNATURE-----
--- End Message ---
