Your message dated Sat, 18 Aug 2018 06:34:44 +0000
with message-id <[email protected]>
and subject line Bug#905901: fixed in lldpad 1.0.1+git20180808.4e642bd-1
has caused the Debian Bug report #905901,
regarding lldpad: CVE-2018-10932: improper sanitization of shell-escape codes
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
905901: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=905901
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: lldpad
Version: 1.0.1+git20150824.036e314-4
Severity: important
Tags: patch security upstream
Forwarded: https://github.com/intel/openlldp/pull/7
Hi,
The following vulnerability was published for lldpad.
CVE-2018-10932[0]:
improper sanitization of shell-escape codes
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2018-10932
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10932
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: lldpad
Source-Version: 1.0.1+git20180808.4e642bd-1
We believe that the bug you reported is fixed in the latest version of
lldpad, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Valentin Vidic <[email protected]> (supplier of updated lldpad package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 17 Aug 2018 12:14:54 +0200
Source: lldpad
Binary: lldpad-dev lldpad
Architecture: source
Version: 1.0.1+git20180808.4e642bd-1
Distribution: unstable
Urgency: medium
Maintainer: Debian FCoE Maintainers <[email protected]>
Changed-By: Valentin Vidic <[email protected]>
Description:
lldpad - Link Layer Discovery Protocol Implementation (Runtime)
lldpad-dev - Link Layer Discovery Protocol Implementation (Development headers
Closes: 905901
Changes:
lldpad (1.0.1+git20180808.4e642bd-1) unstable; urgency=medium
.
* New upstream version 1.0.1+git20180808.4e642bd
- Fixes CVE-2018-10932: improper sanitization of shell-escape
codes (Closes: #905901)
* Refresh patches for new upstream version
* Add symbols for liblldp_clif.so.1
* Package test lldpad only
Checksums-Sha1:
24228b9be60f795a51a068ea21a886eb3d088de7 2318
lldpad_1.0.1+git20180808.4e642bd-1.dsc
3040a4355a6f22128c8884b8b2153dc7fdb51774 432355
lldpad_1.0.1+git20180808.4e642bd.orig.tar.gz
a12c9701aa5e5ca1ddfc746eee73cabfe5f15b45 9252
lldpad_1.0.1+git20180808.4e642bd-1.debian.tar.xz
75e223a71690534fb295aec0e4cca5e4b4838923 6478
lldpad_1.0.1+git20180808.4e642bd-1_amd64.buildinfo
Checksums-Sha256:
ab9788ee1762af86c3d4a88edb94b659f74eaf423c5bf52dae2316ca0e26a7ee 2318
lldpad_1.0.1+git20180808.4e642bd-1.dsc
e0602229902ec6e4003a762c72a421d5e3caac97f7f62595e8444c14392fbe2d 432355
lldpad_1.0.1+git20180808.4e642bd.orig.tar.gz
f145dcfc01bdd10aac4055fedd1cf89728c0a97e1b3b69d28c0bd0b1daaa513e 9252
lldpad_1.0.1+git20180808.4e642bd-1.debian.tar.xz
1d6527f0eb0eddc13891cad13ad306c2c8f7f500220efec883b50638ee82ae6a 6478
lldpad_1.0.1+git20180808.4e642bd-1_amd64.buildinfo
Files:
e2bb20f33fe1d2c5433466f8d39ee0b7 2318 net optional
lldpad_1.0.1+git20180808.4e642bd-1.dsc
4077821bd429418f65c6c14429f78f90 432355 net optional
lldpad_1.0.1+git20180808.4e642bd.orig.tar.gz
ff580e8252af5d7805ffe70a566ba5da 9252 net optional
lldpad_1.0.1+git20180808.4e642bd-1.debian.tar.xz
92cdc453196f63772fb08567de8dc6f1 6478 net optional
lldpad_1.0.1+git20180808.4e642bd-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJIBAEBCgAyFiEE5Qr9Va3SequXFjqLIdIFiZdLPpYFAlt3ub0UHHRtYW5jaWxs
QGRlYmlhbi5vcmcACgkQIdIFiZdLPpZrGBAAr9BY1SjUN3NJfvb6pti8uKf2e3U0
zjQ2pc8PNvlbd0P5Eu+1FOJFLiWs42hDEX3IyD+HgPTiB3CJO3WoXRn6AFNzu2XT
n2ZiT/m5D1XYCXqJT+/hXiH0bSZi/KqMEfko6TUtIkmPTOFajHXRzlTpvNs806gC
Oc5B90cYTaILu7P2O6Kgml+FIiyOJqCLUwHFP0pCbVzzqexQNIPFuo+ZGUyRQTse
TSfPfYNiLAuPOWNq3z0XbD16dpzJOXTBVYpx4ZfZG+rRTlgmffT31eDpM3e9odGC
RW5GE31T+a5Et2+XyXUE3/2NDPzeqJsOOjzLJvqL7oCgLGz00tpYwRmFecYUMVJu
6McV7+qBNtQqb0ihTGsBQ56U+QzXNTGhlKuDs5FcaTiL/bTymcd+Qisl4Gb/rZzi
eYlofwlU3vnzYhUtEDufNfskFb19J1I4DkftC58OCWY+vfxK6DRi1h3teUJv5dqn
7EZLX+fo24aTAknlcP/aeE0lw56B2d2r5YfdyrWuN62Yhq3Il2wCJRi+xW9QKNgl
WsK0FE3QbLTjVGIRtK3kYMTBtmsVyRH+thgZ4LufrNON6nO9JAfJNtgOVPgyNGKQ
ukKWL5CxCEVYInuAZ8CQaBeTyGz6jq3zl79aOk4dg4FIW3uYb94KuXTieQH6b47V
rWzbqqCQ8/EUrdU=
=s8FO
-----END PGP SIGNATURE-----
--- End Message ---