Your message dated Mon, 10 Aug 2015 18:51:38 +0000
with message-id <e1zosac-0008ey...@franck.debian.org>
and subject line Bug#792857: fixed in activemq 5.6.0+dfsg-1+deb7u1
has caused the Debian Bug report #792857,
regarding CVE-2014-3576
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
792857: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=792857
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: activemq
Severity: grave
Tags: security

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-3576 is scarce on
details, but per the fixed upstream release probably affects oldstable
and stable.

Cheers,
        Moritz

--- End Message ---
--- Begin Message ---
Source: activemq
Source-Version: 5.6.0+dfsg-1+deb7u1

We believe that the bug you reported is fixed in the latest version of
activemq, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 792...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Emmanuel Bourg <ebo...@apache.org> (supplier of updated activemq package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Fri, 07 Aug 2015 22:16:39 +0200
Source: activemq
Binary: libactivemq-java libactivemq-java-doc activemq
Architecture: source all
Version: 5.6.0+dfsg-1+deb7u1
Distribution: wheezy-security
Urgency: high
Maintainer: Debian Java Maintainers 
<pkg-java-maintainers@lists.alioth.debian.org>
Changed-By: Emmanuel Bourg <ebo...@apache.org>
Description: 
 activemq   - Java message broker - server
 libactivemq-java - Java message broker core libraries
 libactivemq-java-doc - Java message broker core libraries - documentation
Closes: 769887 777196 792857
Changes: 
 activemq (5.6.0+dfsg-1+deb7u1) wheezy-security; urgency=high
 .
   * Team upload.
   * Fixed security issues (Closes: #777196, #792857)
     - CVE-2014-3612: JAAS LDAPLoginModule allows empty password authentication
     - CVE-2014-3600: XML External Entity expansion when evaluating XPath
       expressions
     - CVE-2014-3576: DoS via unauthenticated remote shutdown command
     - Disable JMX by default (Closes: #769887)
Checksums-Sha1: 
 3774e5093cc7f227364dabd3d64f102dfed034d4 3353 activemq_5.6.0+dfsg-1+deb7u1.dsc
 9dbc1e3b7d01cc54002401c753c9c9502512c6ac 3187408 
activemq_5.6.0+dfsg.orig.tar.gz
 d6dcaf964db30d725948ca104d33d4db963f42b8 22896 
activemq_5.6.0+dfsg-1+deb7u1.debian.tar.gz
 4f446059f16da15383d6d90b0aebf6b040d957e5 3975514 
libactivemq-java_5.6.0+dfsg-1+deb7u1_all.deb
 67de6a9bbd13624cac67e82a357be12f4da0bede 9039896 
libactivemq-java-doc_5.6.0+dfsg-1+deb7u1_all.deb
 ef689bb604e73f4bc00f9b83b3937d07a25bc42b 52592 
activemq_5.6.0+dfsg-1+deb7u1_all.deb
Checksums-Sha256: 
 6ae1960cc1d8b0c6e2f23aa7049b1e05eb86175f6dcd0847a156eb8c7b06df17 3353 
activemq_5.6.0+dfsg-1+deb7u1.dsc
 f6589dae9e2cff7efe144c5bda99f18c1fc2f220b121a3ac9ef92174cb0899a3 3187408 
activemq_5.6.0+dfsg.orig.tar.gz
 3882dae19f7fe96bec13a7e379696d495e702ddf21c00b219a44508b7d374a4e 22896 
activemq_5.6.0+dfsg-1+deb7u1.debian.tar.gz
 678c7ca0c2fa4151f2b6f4899ec5307f94b3f1f1e2eeb77c2fb4f4caece53a85 3975514 
libactivemq-java_5.6.0+dfsg-1+deb7u1_all.deb
 46336dc90a11caf4c54608dbbf67f29d16a41f8cdd7044362e417c32aa028019 9039896 
libactivemq-java-doc_5.6.0+dfsg-1+deb7u1_all.deb
 c010d707744f0309336cf5b6218eac98a7d11dc931e5325786505d63448b39fd 52592 
activemq_5.6.0+dfsg-1+deb7u1_all.deb
Files: 
 abc540a4988e1d50602e279b22608f4e 3353 java optional 
activemq_5.6.0+dfsg-1+deb7u1.dsc
 54227cd13c5f73e8ec7e62a0d13d3763 3187408 java optional 
activemq_5.6.0+dfsg.orig.tar.gz
 85cc41a99e7bffec1414627fa93f939c 22896 java optional 
activemq_5.6.0+dfsg-1+deb7u1.debian.tar.gz
 72fa0c44ce67f3ef4780aa1aceca612b 3975514 java optional 
libactivemq-java_5.6.0+dfsg-1+deb7u1_all.deb
 fe4cd7ccdc05ecc646cd0b3790f924ff 9039896 doc optional 
libactivemq-java-doc_5.6.0+dfsg-1+deb7u1_all.deb
 269bacd1e23a7f9e3a175bf94e21ca0c 52592 java optional 
activemq_5.6.0+dfsg-1+deb7u1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBAgAGBQJVxRfuAAoJEPUTxBnkudCsVUgP/3WqDVd7jcfLmSOQaCFeghV0
sWpq3Lsa3vhl9zZZ0xAHAFsNpWjzR4dJl7j6PMt6sKlsVA4w+8WK97QYuout/pjQ
KG/meek0deC2EZ5tnlFGRIb9OSXpmoNTzLmFFIjGxBLRjO0iLtpx0iYOVMnOiISx
0fMRXdhNJpR4Bm1Ve8i0c8gVBa8yuUb3WMQ/wAetz83q9DcUr6jO9E5s6AVjsB9g
pNQeJZUial+kCkS/PrguuKMcpMQRk5mf29jZL5uPrQ4dncPBKPbQPVyOBzBoS36A
zlxAV+/fO2h+Wrz0ATtdjlbpivpBvyN6ngo8rrU+F95DoI4hBnu0uyCUfPlI3Eq2
VeDWrNOHvz6CK6gUoStP0W+1IVmaOoRWPmcijoiK/u0dxqvfGZqZhrxt8rPnnTvx
D2ufpDqNPyY8j3cyHIY6yhFX85npIGJS//xXdoq4xCMB8e+s7EWFDajJHrs9sS/A
almUxJJuz+v+iL3joyinmKbdM4aiPbDbtfwpi68J1uDiGoELx+eQ+C4qHiraberE
YgSSpfz5eCKS9vdNxxPOnFFreypD8EItpEwcvVdJfHzx/cG7I0rd7P+HJ/fH/XPt
euhNDg9Be97ecoi3ixseL5c9Ld4jbLdPt1NwvKfA41dgJcIUNTXpFw/63Z0Eq1Zs
G0lyo4gddSLfqbhn7R2k
=80/D
-----END PGP SIGNATURE-----

--- End Message ---
__
This is the maintainer address of Debian's Java team
<http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers>. 
Please use
debian-j...@lists.debian.org for discussions and questions.

Reply via email to