Your message dated Mon, 17 Oct 2005 15:32:12 -0700
with message-id <[EMAIL PROTECTED]>
and subject line Bug#333863: fixed in xmail 1.22-1
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 14 Oct 2005 08:16:00 +0000
>From [EMAIL PROTECTED] Fri Oct 14 01:16:00 2005
Return-path: <[EMAIL PROTECTED]>
Received: from box79162.elkhouse.de [213.9.79.162]
by spohr.debian.org with esmtp (Exim 3.36 1 (Debian))
id 1EQKjP-0000D1-00; Fri, 14 Oct 2005 01:16:00 -0700
Received: from localhost.localdomain (mail.fbn-dd.de [195.227.105.178])
(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
(Client CN "Martin Pitt (workstation)", Issuer "piware CA" (verified
OK))
by box79162.elkhouse.de (Postfix) with ESMTP id 172AC1F83FA
for <[EMAIL PROTECTED]>; Fri, 14 Oct 2005 10:15:26 +0200 (CEST)
Received: by localhost.localdomain (Postfix, from userid 1000)
id 74388127C4; Fri, 14 Oct 2005 10:15:21 +0200 (CEST)
Date: Fri, 14 Oct 2005 10:15:21 +0200
From: Martin Pitt <[EMAIL PROTECTED]>
To: Debian BTS Submit <[EMAIL PROTECTED]>
Subject: xmail: [CAN-2005-2943] buffer overflow
Message-ID: <[EMAIL PROTECTED]>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="i9LlY+UWpKt15+FH"
Content-Disposition: inline
User-Agent: Mutt/1.5.9i
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_PACKAGE,
RCVD_IN_SBLXBL,RCVD_IN_SBLXBL_OPM autolearn=no
version=2.60-bugs.debian.org_2005_01_02
--i9LlY+UWpKt15+FH
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Package: xmail
Version: 1.21-3
Severity: grave
Tags: security
Hi!
iDEFENSE reported an exploitable buffer overflow in xmail:
http://www.idefense.com/application/poi/display?id=3D321&type=3Dvulnerabi=
lities
This has been assigned CAN-2005-2943, please mention this in the
changelog when you fix this.
Thanks,
Martin
--=20
Martin Pitt http://www.piware.de
Ubuntu Developer http://www.ubuntu.com
Debian Developer http://www.debian.org
In a world without walls and fences, who needs Windows and Gates?
--i9LlY+UWpKt15+FH
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFDT2kZDecnbV4Fd/IRAl8gAKCYhikzhT2u9eSEmA4odZa1CMeGDgCgjCbW
RDp2aYWhlc58vhDSE9s+8bk=
=XUQ5
-----END PGP SIGNATURE-----
--i9LlY+UWpKt15+FH--
---------------------------------------
Received: (at 333863-close) by bugs.debian.org; 17 Oct 2005 22:40:24 +0000
>From [EMAIL PROTECTED] Mon Oct 17 15:40:24 2005
Return-path: <[EMAIL PROTECTED]>
Received: from katie by spohr.debian.org with local (Exim 3.36 1 (Debian))
id 1ERdWe-0005bn-00; Mon, 17 Oct 2005 15:32:12 -0700
From: Radu Spineanu <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.56 $
Subject: Bug#333863: fixed in xmail 1.22-1
Message-Id: <[EMAIL PROTECTED]>
Sender: Archive Administrator <[EMAIL PROTECTED]>
Date: Mon, 17 Oct 2005 15:32:12 -0700
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
Source: xmail
Source-Version: 1.22-1
We believe that the bug you reported is fixed in the latest version of
xmail, which is due to be installed in the Debian FTP archive:
xmail-doc_1.22-1_all.deb
to pool/main/x/xmail/xmail-doc_1.22-1_all.deb
xmail_1.22-1.diff.gz
to pool/main/x/xmail/xmail_1.22-1.diff.gz
xmail_1.22-1.dsc
to pool/main/x/xmail/xmail_1.22-1.dsc
xmail_1.22-1_i386.deb
to pool/main/x/xmail/xmail_1.22-1_i386.deb
xmail_1.22.orig.tar.gz
to pool/main/x/xmail/xmail_1.22.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Radu Spineanu <[EMAIL PROTECTED]> (supplier of updated xmail package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Fri, 14 Oct 2005 12:38:34 +0300
Source: xmail
Binary: xmail xmail-doc
Architecture: source i386 all
Version: 1.22-1
Distribution: unstable
Urgency: high
Maintainer: Radu Spineanu <[EMAIL PROTECTED]>
Changed-By: Radu Spineanu <[EMAIL PROTECTED]>
Description:
xmail - advanced, fast and reliable ESMTP/POP3 mail server
xmail-doc - documentation for xmail
Closes: 333863
Changes:
xmail (1.22-1) unstable; urgency=high
.
* New upstream release
* Fixes an exploitable buffer overflow in the sendmail binary
(CAN-2005-2943, closes: #333863)
* Added a conflict with the lsb package until -bs is implemented
* Update FSF address in debian/copyright
* Fixed a bashism in debian/postrm
Files:
d5b074780bc94acc83941ad01e34fe5e 578 mail extra xmail_1.22-1.dsc
ed2acc291345320e9993941e6043b46c 416738 mail extra xmail_1.22.orig.tar.gz
e622efac3dddaa3f4aa78ac586b343a2 29168 mail extra xmail_1.22-1.diff.gz
53935fbd47b0666c3fe661276bf5a187 168612 mail extra xmail-doc_1.22-1_all.deb
5efcf5cb295e3cae3b3509d3def58cd7 212114 mail extra xmail_1.22-1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFDVCPC2tp5zXiKP0wRAvqbAKCLh1wqwBzgexAYrBRZxfJs/iYxtwCgtGDH
8TuGWS6JbrfeZOqga3FnYio=
=eUkV
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
