Your message dated Wed, 16 Oct 2013 17:33:49 +0000
with message-id <[email protected]>
and subject line Bug#726284: fixed in xhprof 0.9.4-1
has caused the Debian Bug report #726284,
regarding xhprof: CVE-2013-4433: XSS
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
726284: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=726284
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: xhprof
Severity: grave
Tags: security
Justification: user security hole
Hi,
fixed in 0.9.4:
http://pecl.php.net/package-changelog.php?package=xhprof&release=0.9.4
http://www.openwall.com/lists/oss-security/2013/10/14/1
Cheers,
Moritz
--- End Message ---
--- Begin Message ---
Source: xhprof
Source-Version: 0.9.4-1
We believe that the bug you reported is fixed in the latest version of
xhprof, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Laszlo Boszormenyi (GCS) <[email protected]> (supplier of updated xhprof package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Wed, 16 Oct 2013 08:03:30 +0000
Source: xhprof
Binary: php5-xhprof
Architecture: source amd64
Version: 0.9.4-1
Distribution: unstable
Urgency: high
Maintainer: Laszlo Boszormenyi (GCS) <[email protected]>
Changed-By: Laszlo Boszormenyi (GCS) <[email protected]>
Description:
php5-xhprof - Hierarchical Profiler for PHP5
Closes: 726284 726496
Changes:
xhprof (0.9.4-1) unstable; urgency=high
.
* New upstream release, fixing CVE-2013-4433 (closes: #726284).
.
[ Colin Watson <[email protected]> ]
* Build with -g on aarch64-linux-gnu, not (pre-DWARF) -gstabs
(closes: #726496).
Checksums-Sha1:
fa2f7530cc8fdfac6444bc209f60271cc9cb539f 1109 xhprof_0.9.4-1.dsc
a7f2d9d744dfe005f5122ad00b91dbcb57c81055 841044 xhprof_0.9.4.orig.tar.gz
a59ccc2c056ab439bad996eb078426d170ab4bb7 3523 xhprof_0.9.4-1.debian.tar.gz
210a267a21ca241e461d0cfd19286b70b127d287 24000 php5-xhprof_0.9.4-1_amd64.deb
Checksums-Sha256:
c8c5652e8931ef35c85e0541033f99262a8549df2ef18b1c284d1c941b96c1aa 1109
xhprof_0.9.4-1.dsc
ddd0f32017bfdab1a61691bb34a60bcf26963c3b77274e3f0cab4236db9b24e0 841044
xhprof_0.9.4.orig.tar.gz
7637c820c9cef041ef3617ed5149b6591c208698b42bcf6b06572614da07b59c 3523
xhprof_0.9.4-1.debian.tar.gz
ef32872dc319a4701ccf2e0217512465f7882bef9af60454d10444fb87bdd011 24000
php5-xhprof_0.9.4-1_amd64.deb
Files:
396dc2eef311ccc2468ea91ef3547368 1109 devel optional xhprof_0.9.4-1.dsc
d20943b9349d89aa06f537130664b1ac 841044 devel optional xhprof_0.9.4.orig.tar.gz
459cf5b32bd30830dc45c68c056fa756 3523 devel optional
xhprof_0.9.4-1.debian.tar.gz
2555c9b1c985de9a4e22268b89391fe5 24000 devel optional
php5-xhprof_0.9.4-1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)
iEYEARECAAYFAlJey0AACgkQMDatjqUaT91+9QCfaZ2rbviuDcQJF74NMGnxYRBq
/ykAn3PnJH8zIHg98COZAd5pXchiDlSX
=mbZ4
-----END PGP SIGNATURE-----
--- End Message ---
