Your message dated Sat, 09 Sep 2006 19:32:12 -0700 with message-id <[EMAIL PROTECTED]> and subject line Bug#334350: fixed in flexbackup 1.2.1-3 has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database)
--- Begin Message ---Package: flexbackup Severity: grave Tags: security "ZATAZ Audits" has published an advisory concerning flexbackup. Based on a cursory investigation of the source package, Debian is affected as well. From: ZATAZ Audits <[EMAIL PROTECTED]> Subject: [Full-disclosure] flexbackup default config insecure temporary file creation Date: Mon, 17 Oct 2005 10:06:06 +0200 Organization: ZATAZ Audits Message-ID: <[EMAIL PROTECTED]> ######################################################### flexbackup default config insecure temporary file creation Vendor: http://flexbackup.sourceforge.net/ Advisory: http://www.zataz.net/adviso/flexbackup-09192005.txt Vendor informed: yes Exploit available: yes Impact : low Exploitation : low ######################################################### The vulnerabilities ared due to insecure temporary files creations due to a default config. [...]
--- End Message ---
--- Begin Message ---Source: flexbackup Source-Version: 1.2.1-3 We believe that the bug you reported is fixed in the latest version of flexbackup, which is due to be installed in the Debian FTP archive: flexbackup_1.2.1-3.diff.gz to pool/main/f/flexbackup/flexbackup_1.2.1-3.diff.gz flexbackup_1.2.1-3.dsc to pool/main/f/flexbackup/flexbackup_1.2.1-3.dsc flexbackup_1.2.1-3_all.deb to pool/main/f/flexbackup/flexbackup_1.2.1-3_all.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Anibal Monsalve Salazar <[EMAIL PROTECTED]> (supplier of updated flexbackup package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Sun, 10 Sep 2006 11:23:47 +1000 Source: flexbackup Binary: flexbackup Architecture: source all Version: 1.2.1-3 Distribution: unstable Urgency: high Maintainer: Debian QA Group <[EMAIL PROTECTED]> Changed-By: Anibal Monsalve Salazar <[EMAIL PROTECTED]> Description: flexbackup - Flexible backup tool for small to medium sized installations Closes: 250615 273750 293884 312259 334350 Changes: flexbackup (1.2.1-3) unstable; urgency=high . * QA upload. * Fixed "CVE-2005-4802: default config insecure temporary file creation". Patch by Alec Berryman <[EMAIL PROTECTED]>. Closes: #334350. * Fixed "sub backup_dump does not use %path hash for dump". Patch by Artem Chuprina <[EMAIL PROTECTED]>. Closes: #293884. * Fixed "flexbackup unable to complete a backup". Patch by Jose Luis Fernandez Barros <[EMAIL PROTECTED]>. Closes: #273750. * Fixed man page errors. Closes: #250615, #312259. * Fixed the following lintian messages: W: out-of-date-standards-version 3.6.1 (current is 3.7.2) E: build-depends-indep-should-be-build-depends debhelper W: old-fsf-address-in-copyright-file E: depends-on-essential-package-without-using-version recommends: tar Files: fbb3fd9c7ad9a5c33f0080d69aaea4df 575 admin optional flexbackup_1.2.1-3.dsc 0a99efeb959de0f051dbc2ba51ce29a6 4305 admin optional flexbackup_1.2.1-3.diff.gz 24034de62ec29936d4e08ef6d9e49563 76160 admin optional flexbackup_1.2.1-3_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (GNU/Linux) iD8DBQFFA3WVipBneRiAKDwRAnTPAJ44m33eVNgaXTP65joXd8uW9BqswgCeNQhR xoZqtXr2WZ8KbjMOjfljiFc= =od3E -----END PGP SIGNATURE-----
--- End Message ---
