Your message dated Sat, 30 May 2020 17:47:25 +0000
with message-id <[email protected]>
and subject line Bug#961060: fixed in netqmail 1.06-6.2~deb9u1
has caused the Debian Bug report #961060,
regarding qmail-verify: CVE-2020-3811 CVE-2020-3812
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
961060: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961060
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: netqmail
Version: 1.06-6.1
Severity: grave
Tags: security upstream
Justification: user security hole
Control: found -1 1.06-6
Control: found -1 1.06-5
Hi
See https://www.openwall.com/lists/oss-security/2020/05/19/8 for the
Qualys advisory covering CVE-2020-3811 and CVE-2020-3812.
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: netqmail
Source-Version: 1.06-6.2~deb9u1
Done: Salvatore Bonaccorso <[email protected]>
We believe that the bug you reported is fixed in the latest version of
netqmail, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Salvatore Bonaccorso <[email protected]> (supplier of updated netqmail package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 21 May 2020 14:06:19 +0200
Source: netqmail
Architecture: source
Version: 1.06-6.2~deb9u1
Distribution: stretch-security
Urgency: high
Maintainer: Gerrit Pape <[email protected]>
Changed-By: Salvatore Bonaccorso <[email protected]>
Closes: 672155 866038 961060
Changes:
netqmail (1.06-6.2~deb9u1) stretch-security; urgency=high
.
* Non-maintainer upload by the Security Team.
* Rebuild for stretch-security
.
netqmail (1.06-6.2) unstable; urgency=high
.
* Address CVE-2005-1513, CVE-2005-1514, CVE-2005-1515, CVE-2020-3811 and
CVE-2020-3812 (Closes: #961060)
.
netqmail (1.06-6.1) unstable; urgency=medium
.
* Non-maintainer upload.
* [fdc8794a] Setup Gitlab continous integration
* [73e52807] Fix quotation in postinst (Closes: #866038)
* [2fc47776] Make package piupart-clean (Closes: #672155)
Checksums-Sha1:
a2637165d8e7eadf4c525eb0153c3abc31ad6e15 1895 netqmail_1.06-6.2~deb9u1.dsc
9ee9a603e2ad3d8e1d34b900e19b7a5d275f538b 260941 netqmail_1.06.orig.tar.gz
3e3086e0d3012b95431a96bc19a5411b8ad3f2e6 35126 netqmail_1.06-6.2~deb9u1.diff.gz
Checksums-Sha256:
774836d82b32583d3bf829c9c12db14f291d9a1c13d57bdacc38bbe184ee7de5 1895
netqmail_1.06-6.2~deb9u1.dsc
8e7d98d15211fc9f9c28109e942e2268f42a6672d68df92a42f2afa90ff00532 260941
netqmail_1.06.orig.tar.gz
37831df91026d8f194c70ca2207d892d61d467f6b5e38507e506e196c7f24ade 35126
netqmail_1.06-6.2~deb9u1.diff.gz
Files:
ee927db48ce7cf81a121e3955aab2f8f 1895 mail extra netqmail_1.06-6.2~deb9u1.dsc
c922f776140b2c83043a6195901c67d3 260941 mail extra netqmail_1.06.orig.tar.gz
3e1d515c383572022c645d85659a5eb5 35126 mail extra
netqmail_1.06-6.2~deb9u1.diff.gz
-----BEGIN PGP SIGNATURE-----
iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl7Gb5VfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89EOOAP/jypWC9W4nOWTbSTei7R08RInoHHMlYc
XxzKZk5IfSvOGm8u5PaLk4OgH/R7dvLgwaHg8NpfnazOUWfU2uBkY0A8kzctrCom
oSVQzg/i/HroG5+rAl8/cccOWyeml0GdYTpNCZpW8fE482xyNsJ3hu5acgfWAklJ
MKeb99qGNUKUAzCXH29jUvn8ygPfJiujxdgK6ffhW9DlHBGiaZjl2b88brU+dBxL
jiVbTCvHV1/bi4k5/FfVqu21m5mR5/eU6lZZg23WFBSN8Y+uDgn4Kh9KEJjlbzs/
lpDjG21PrZTVGxEehcl+DPXlQkdWSPrsFiPGF6b4V2yoU4flcJzwsm9TpQdVSrxm
0oNQS1c7ZnYq3pV6QdzrULT2OSPzhhkGCty4a0hjGaoqACVPnyQgeM3qwroj2xo9
lkAVhevqxcE6TUQ8rxvFibXyoImeDnLn3mxDWq9Sw2uB9cvvWqOCDYBOuqrOPfJq
xSG1SC6A+uoJ18Gp5sDpXnoE+/qBoD1M7FUhdM6Mv7r6H9WHDsz4c1/MzGydl3t7
mJucFSLeHYi2YJeGugxkN113NjS2LUsXAXiD+4M0qa+Nwms1QCJ2UCxYEuugkGeg
ZNwAbCViv+TkPO/bKzkMleSpDsOb7sZJi6Vl4z7CXh8a3rJ1J4OW6dWIBOlytFyi
cOicAFyO1HfV
=uoLR
-----END PGP SIGNATURE-----
--- End Message ---
