Your message dated Fri, 06 Apr 2018 10:06:33 +0000 with message-id <e1f4ogp-000bcl...@fasolo.debian.org> and subject line Bug#850968: fixed in mcollective 2.12.0+dfsg-1 has caused the Debian Bug report #850968, regarding CVE-2016-2788 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 850968: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850968 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: mcollective Severity: grave Tags: security Please see https://puppet.com/security/cve/cve-2016-2788 Cheers, Moritz
--- End Message ---
--- Begin Message ---Source: mcollective Source-Version: 2.12.0+dfsg-1 We believe that the bug you reported is fixed in the latest version of mcollective, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 850...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Sebastien Badia <sba...@debian.org> (supplier of updated mcollective package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 06 Apr 2018 11:43:02 +0200 Source: mcollective Binary: mcollective mcollective-client mcollective-common mcollective-doc Architecture: source Version: 2.12.0+dfsg-1 Distribution: unstable Urgency: medium Maintainer: Puppet Package Maintainers <pkg-puppet-de...@lists.alioth.debian.org> Changed-By: Sebastien Badia <sba...@debian.org> Description: mcollective - Marionette Collective clustering framework - server mcollective-client - Marionette Collective clustering framework - clients mcollective-common - Marionette Collective clustering framework - common files mcollective-doc - Marionette Collective clustering framework - documentation Closes: 709417 758701 850968 866711 Changes: mcollective (2.12.0+dfsg-1) unstable; urgency=medium . * New upstream version 2.12.0+dfsg + Upstream fix for CVE-2017-2292 (Closes: #866711) + Upstream fix for CVE-2016-2788 (Closes: #850968) + Upstream fix for CVE-2014-3251 (Closes: #758701) * d/compat: Bump compat version to 11 * d/control: + Bump to Standards-Version 4.1.3 (no changes needed) + Use salsa.debian.org in Vcs-* fields + Added myself as Uploader + Remove dh-systemd and gem2deb fixed version * d/upstream: Added Upstream metadata * d/copyright: + Fix license name and update upstream url + Use Files-Excluded target for dfsg repack + Remove section about ext/action_helpers (repack) * d/examples: Remove un-used mcollective-common.examples * d/rules: Remove deprecated dh-systemd rules * d/changelog: Added upstream changelog * d/watch: + Bump to version 4 switch to https and test pgpmode + Fixes watch file (opts=pgpmode=auto) * d/init: + Remove default (init.d-script-should-always-start-service) + Update systemd unit (refs upstream changes) (Closes: #709417) * d/man: Added manpages for mco and mcollectived * d/patches: Fix lintian issue with documentation (privacy-breach-generic) * d/tests: Added dep8 autopkgtest testsuite (Closes: LP1679336) Checksums-Sha1: da651663a241f95deda6a840c8cc149a9440e6d4 2384 mcollective_2.12.0+dfsg-1.dsc ab54d17004ae5055714fe645c73481dea91958a2 753485 mcollective_2.12.0+dfsg.orig.tar.gz 3ce0501e877dc0cb71aee98d57032026d8ed3839 35372 mcollective_2.12.0+dfsg-1.debian.tar.xz 766f0b1c80fd7bac06abb0e98b540447c45371e8 6819 mcollective_2.12.0+dfsg-1_source.buildinfo Checksums-Sha256: 54c4c09a097030454518d875e509e4af6f18ad73b74c833dcc9024d91788f02c 2384 mcollective_2.12.0+dfsg-1.dsc 3dfd8dfc0a7d0d7084b388cc29bf57b41b882c259acf43f8ae4105fdb6babefd 753485 mcollective_2.12.0+dfsg.orig.tar.gz 4e260a9566b1dd506415336b4e66f41d91cca84f5bda64c27e79dced55362d48 35372 mcollective_2.12.0+dfsg-1.debian.tar.xz 4680e33ca6475de2109676bd8bd964de6ab29617517021f5d23f7c64a9e84381 6819 mcollective_2.12.0+dfsg-1_source.buildinfo Files: 094e8e18141b38af5ec4760e19ca13c7 2384 utils optional mcollective_2.12.0+dfsg-1.dsc 85952a5a56f2f281934748315d4a0d98 753485 utils optional mcollective_2.12.0+dfsg.orig.tar.gz 5658e5c935b2416e8a9fcc76eb902d80 35372 utils optional mcollective_2.12.0+dfsg-1.debian.tar.xz ed89ca3861fc042bbf3708fe62f65699 6819 utils optional mcollective_2.12.0+dfsg-1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEfkPprL9yerPPCIUzhxbORhSkUtgFAlrHQiIACgkQhxbORhSk Utjfdg//dPeGVpkUvFIzlBkJgII6CoU2jQTN7PpKegdVM8RNY9QXjn1qVuRfWhvC ++yUU3KlBBovkJMmYst0dnevUZw5GbqsVSlwk5CdC7wsKxjesT7FMjXG3BzbBL3B GwfVV0TTSYBcV9ASpR0VTfcVaAMdEGrX0F7PftecRN2k20UeN8BdFzZ+aQf0ce8l Cm0cIGQNr0EQImTaKtOo+L2Ri5duJOVxK6NqinAk/Z0Cx+TYjahWcKla16Dj3Jeg kTGSvcF2Yo9uQdlK/fbTvzXTgrAxP3pB/gR2YlDGCYN/WdX2WnvAp6nLmJRR2x5r yOKyK7hJXXdOsEjvJMuvhYjlSUUXOBoGNFfEwQE8CVgQl1QTLfh7EEm0ssWVbpLq rUSy6pSyVjdwVNYa0snHQ76hxzDhdej++40ONnDioUgfWpD3rTnQSJ6f2Bet70fc w8IDeCYYsu9FZ1g0uCLOc0IEdlcIsWu+OhAu2rCv3Z60nCuEmB0R8/xhjcaaePAR NeqqJgaDC+drWvLAWk8IojkLvUTD5FUu+TMdbpzYO0KNt1vTKH2BnyzXNxEynyqP aaKcyFtmev4uVJ0C+W+sm6SwSJmSn1DUIiZNXbPWbVpR35WLnFHMVUQx9t1ybroc KhLaO9/SKG9HrvP4G2M6sMxeyhndgHmBxVq4+6SzuWQPVkYK/Yc= =R6yJ -----END PGP SIGNATURE-----
--- End Message ---
