Your message dated Sat, 24 Mar 2007 23:17:02 +0000 with message-id <[EMAIL PROTECTED]> and subject line Bug#415117: fixed in imp4 4.1.3-4 has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database)
--- Begin Message ---Package: imp4 Version: 4.0.2-1 Severity: grave Tags: security Justification: security hole when package used Upstream changelog of new version says: This (..) fixes two cross site scripting vulnerabilities. Major changes compared to the IMP H3 (4.1.4-RC1) version are: * Fixed XSS vulnerabilities in the search screen and thread view. Sarge may or may not be vulnerable, I haven't checked yet.x
--- End Message ---
--- Begin Message ---Source: imp4 Source-Version: 4.1.3-4 We believe that the bug you reported is fixed in the latest version of imp4, which is due to be installed in the Debian FTP archive: imp4_4.1.3-4.diff.gz to pool/main/i/imp4/imp4_4.1.3-4.diff.gz imp4_4.1.3-4.dsc to pool/main/i/imp4/imp4_4.1.3-4.dsc imp4_4.1.3-4_all.deb to pool/main/i/imp4/imp4_4.1.3-4_all.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Ola Lundqvist <[EMAIL PROTECTED]> (supplier of updated imp4 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Sat, 24 Mar 2007 21:12:36 +0100 Source: imp4 Binary: imp4 Architecture: source all Version: 4.1.3-4 Distribution: unstable Urgency: high Maintainer: Horde Maintainers <[EMAIL PROTECTED]> Changed-By: Ola Lundqvist <[EMAIL PROTECTED]> Description: imp4 - webmail component for horde framework Closes: 415117 Changes: imp4 (4.1.3-4) unstable; urgency=high . * XSS vulneratility fixed, closes: #415117. Thanks to Marcos Marado <[EMAIL PROTECTED]> that provided the patch. Files: e97171faea0069af57fe9e835a455b70 662 web optional imp4_4.1.3-4.dsc 99e1d0eeb6f13bc81309b169269cf538 9245 web optional imp4_4.1.3-4.diff.gz cb5828f5797865a0be2ebd3f591b1c17 4170556 web optional imp4_4.1.3-4_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFGBYalGKGxzw/lPdkRAszUAJ4wcXJC6wSg6GXwVpCUJ+jh3THDGgCbB4YR TcFk0RXn/7u5o/IPTlcG6Us= =Ca/m -----END PGP SIGNATURE-----
--- End Message ---
