Bug#599833: marked as done (CVE-2010-3089)

Thu, 21 Oct 2010 22:36:19 -0700 

Your message dated Fri, 22 Oct 2010 05:33:21 +0000
with message-id <[email protected]>
and subject line Bug#599833: fixed in mailman 1:2.1.13-4.1
has caused the Debian Bug report #599833,
regarding CVE-2010-3089
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
599833: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599833
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Package: mailman
Severity: grave
Tags: security

Hi,
http://security-tracker.debian.org/tracker/CVE-2010-3089 needs to be
fixed for Squeeze.

Cheers,
        Moritz

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 2.6.32-5-686 (SMP w/1 CPU core)
Locale: LANG=C, lc_ctype=de_de.iso-8859...@euro (charmap=ISO-8859-15)
Shell: /bin/sh linked to /bin/bash

Versions of packages mailman depends on:
ii  adduser                       3.112      add and remove users and groups
pn  apache2 | httpd               <none>     (no description available)
ii  cron                          3.0pl1-114 process scheduling daemon
ii  debconf [debconf-2.0]         1.5.35     Debian configuration management sy
ii  exim4-daemon-light [mail-tran 4.72-1     lightweight Exim MTA (v4) daemon
ii  libc6                         2.11.2-2   Embedded GNU C Library: Shared lib
ii  logrotate                     3.7.8-6    Log rotation utility
ii  lsb-base                      3.2-23.1   Linux Standard Base 3.2 init scrip
pn  pwgen                         <none>     (no description available)
ii  python                        2.6.5-13   interactive high-level object-orie
ii  python-support                1.0.9      automated rebuilding support for P
ii  ucf                           3.0025     Update Configuration File: preserv

mailman recommends no packages.

Versions of packages mailman suggests:
pn  listadmin                     <none>     (no description available)
pn  lynx                          <none>     (no description available)
ii  spamassassin                  3.3.1-1    Perl-based spam filter using text

--- End Message ---
--- Begin Message --- 
Source: mailman
Source-Version: 1:2.1.13-4.1

We believe that the bug you reported is fixed in the latest version of
mailman, which is due to be installed in the Debian FTP archive:

mailman_2.1.13-4.1.debian.tar.gz
  to main/m/mailman/mailman_2.1.13-4.1.debian.tar.gz
mailman_2.1.13-4.1.dsc
  to main/m/mailman/mailman_2.1.13-4.1.dsc
mailman_2.1.13-4.1_i386.deb
  to main/m/mailman/mailman_2.1.13-4.1_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Jari Aalto <[email protected]> (supplier of updated mailman package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sat, 16 Oct 2010 08:46:55 +0300
Source: mailman
Binary: mailman
Architecture: source i386
Version: 1:2.1.13-4.1
Distribution: unstable
Urgency: high
Maintainer: Mailman for Debian <[email protected]>
Changed-By: Jari Aalto <[email protected]>
Description: 
 mailman    - Powerful, web-based mailing list manager
Closes: 599833
Changes: 
 mailman (1:2.1.13-4.1) unstable; urgency=high
 .
   * Non-maintainer upload.
   * debian/patches
     - (83): New. CVE-2010-3089 security fix from mailman 2.14. Patch
       thanks to <[email protected]> (grave, security; Closes: #599833).
Checksums-Sha1: 
 be358db5cfa41a7aaff320468bf229d1d4bf1754 1990 mailman_2.1.13-4.1.dsc
 cee28a15a76bcd832b7852bfca42c59c3bc42ead 108089 
mailman_2.1.13-4.1.debian.tar.gz
 40297595a6ad9cd8cee3b6883e27edf1e34f3f42 9645334 mailman_2.1.13-4.1_i386.deb
Checksums-Sha256: 
 4dbcff150cbecf37c9fc8735582b2c5f8597578095a1a23ff2fe2569ef4fcc34 1990 
mailman_2.1.13-4.1.dsc
 bb1fec1b1c572b3c1bfe43a85d5f28e9456e5bddc2dee4fd3f576cf537ebbcc2 108089 
mailman_2.1.13-4.1.debian.tar.gz
 df823cb985c8c1162f997921f9ee060ef704b1abdd4ab0e1d829ba10c56d5de9 9645334 
mailman_2.1.13-4.1_i386.deb
Files: 
 666a2aea50bf595a6dd022e3dc5bc883 1990 mail optional mailman_2.1.13-4.1.dsc
 44a82706ddef62b04fd82127c798ff42 108089 mail optional 
mailman_2.1.13-4.1.debian.tar.gz
 dd6edcaedc9edb946a4499d973a6fde8 9645334 mail optional 
mailman_2.1.13-4.1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQIcBAEBCAAGBQJMvne3AAoJECHSBYmXSz6WzUcQAJ85e+r3vNyx97uexBUZAsJj
tVngz/flkGwdNHJx2nJoE5PIR1+STkJHplUkjr+wgXlsV4qJ7CdlzgzngqtzqUcw
RtMwvtEiHVZoTj9ILyRHnXiL1guHD0MVRRZrKNvYsILT0BS9Y1wWsrsD/lMg7V5l
Xg/Bc7+PadtXjjFLLIhTbgLuUQBHG8MdM3vXIPCrUI7Rdb18vF0hOhDITp8gQMVh
EDwZ7tYBSO/0JXZrB2XbxVUwrLFtKmC45G/F5uD0xTzwhbGNlvBYwyKRZgvgCRWX
+Sxti9gIZy1QfOvXrXXGtzayMOUDDLfkdjHi1+omJsMKJr+nWj72YL4CS3r6MV4j
GA2yjHn6kVApIKNLmhtcTgdAC/aFzj9I7GxrNx492p1cYgs/+icBj1giGEpJRCZH
xEBWGBhArRELkraYHbvGYopcYbkmiFqsDpCbqf+MbmB2pOUBhXnAkwZcIqplt/jM
JFibav/uzLmI+wGCI73Dugof0JcOdngDjnbya0Ab5dgetUGxKTpF1jfPtoe0rbiV
zmi8cFOwFdOpg1d6gK8unggDruEReBJ1qCvnbno/G2ebmEEo+hPgEIhu0GYhBiTW
eDInWMJDxNbiAKxQkGFDQhIEZKhoKSLIn4nfE9ztl27Mlwcdpb5ERA4khnjA0rIw
hK9pEIfvFE0EJRDNMBQf
=NDcX
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to