Your message dated Tue, 07 May 2019 02:33:50 +0000
with message-id <[email protected]>
and subject line Bug#928518: fixed in electrum 3.2.3-1.1
has caused the Debian Bug report #928518,
regarding RM: electrum -- RoQA; Actively exploited for phishing
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
928518: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928518
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: ftp.debian.org
Severity: normal
Hi. As discussed in
https://cointelegraph.com/news/phishing-attack-on-electrum-wallet-nets-hacker-almost-1-million-in-hours-report
the version of electrum in sid is vulnerable to mallware and has been
disabled by the electrum servers. So basically the version in sid is
only useful for getting your bitcoin phished. At least until this
version is updated it should be removed. See #921688 for details.
I understand that removing electrum means that it will need to take a
trip through new once fixed.
I think in this instance given that we haven't fixed such a critical issue in
months, it is justified.
signature.asc
Description: PGP signature
--- End Message ---
--- Begin Message ---
Source: electrum
Source-Version: 3.2.3-1.1
We believe that the bug you reported is fixed in the latest version of
electrum, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Sam Hartman <[email protected]> (supplier of updated electrum package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 06 May 2019 22:11:19 -0400
Source: electrum
Architecture: source
Version: 3.2.3-1.1
Distribution: unstable
Urgency: medium
Maintainer: Tristan Seligmann <[email protected]>
Changed-By: Sam Hartman <[email protected]>
Closes: 928518
Changes:
electrum (3.2.3-1.1) unstable; urgency=medium
.
* Non-maintainer upload.
* On startup print a warning that this version in insecure and then
exit, Closes: #928518
Checksums-Sha1:
f05b90fb8bbc2b0d279bdcca57ede7eb0ca6f284 1929 electrum_3.2.3-1.1.dsc
0a97b492d6018acd6bfc890135f8fafe18f6f1e2 16388 electrum_3.2.3-1.1.debian.tar.xz
Checksums-Sha256:
b68d8b14a92ea34e7e0220ea5d041283c971a36b4f240fa65bd140a2332c7e0e 1929
electrum_3.2.3-1.1.dsc
bf9942b88fbca2c8f1b9e27ad17d1b65a115547ac6b3b42a3ccdd13f714be47c 16388
electrum_3.2.3-1.1.debian.tar.xz
Files:
44b13494f7673a5b174b0b419cde5c41 1929 utils optional electrum_3.2.3-1.1.dsc
15ace1f7e970efd10d1164d39705474b 16388 utils optional
electrum_3.2.3-1.1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCAAdFiEE9Li3nMNy++OFgPTCQe7SUh/WssoFAlzQ60IACgkQQe7SUh/W
ssoqDQgAnXCliNlk+S4IBiul3wK//UZznUy3BPRZ2wux99mHjWRE5iViLeeAvai1
EXlLs+CkUqPmDDaJUuipHF60Mu4zJR7wciUHIr8KVLcsqIPYzSX9TbIwLY/uX5FS
bjPMN0UUY2QffhfueENMkLc572XH54EFtTrok/EvZXVzhtFWp55NN6O5lLdBLD5s
aXTFZYS3ml6LYFzZg145vhSbrkq8HlBaYQsN0RiLBkg426Ih4ddRVh/aSSJry/Ue
SVtLj/lri+8sMt9FHuASl1G5l+GGfQ/hXjY2VeJH3VqIM5en/GVhIDqbTB0ZjcQe
vzZcLLrhXXkH0TM29mt8NMV06wUPbg==
=R3HP
-----END PGP SIGNATURE-----
--- End Message ---
