Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2013-0172

Source

Debian Bug report logs - #699188
CVE-2013-0172

Package: samba4; Maintainer for samba4 is (unknown);

Reported by: Moritz Muehlenhoff <jmm@debian.org>

Date: Mon, 28 Jan 2013 18:27:01 UTC

Severity: grave

Tags: security

Fixed in version 4.0.0~beta2+dfsg1-3.1

Done: Steve Langasek <vorlon@debian.org>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to debian-bugs-dist@lists.debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Samba Debian Maintainers <pkg-samba-maint@lists.alioth.debian.org>:
Bug#699188; Package samba4. (Mon, 28 Jan 2013 18:27:04 GMT) (full text, mbox, link).

Acknowledgement sent to Moritz Muehlenhoff <jmm@debian.org>:
New Bug report received and forwarded. Copy sent to team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Samba Debian Maintainers <pkg-samba-maint@lists.alioth.debian.org>. (Mon, 28 Jan 2013 18:27:04 GMT) (full text, mbox, link).

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

Package: samba4
Severity: grave
Tags: security

Hi,
as discussed on IRC last week. I'm filing a bug for proper tracking:
https://lists.samba.org/archive/samba-technical/2013-January/089911.html

Cheers,
        Moritz

Reply sent to Steve Langasek <vorlon@debian.org>:
You have taken responsibility. (Tue, 12 Feb 2013 04:27:04 GMT) (full text, mbox, link).

Notification sent to Moritz Muehlenhoff <jmm@debian.org>:
Bug acknowledged by developer. (Tue, 12 Feb 2013 04:27:04 GMT) (full text, mbox, link).

Message #10 received at 699188-done@bugs.debian.org (full text, mbox, reply):

[Message part 1 (text/plain, inline)]

Version: 4.0.0~beta2+dfsg1-3.1

Fixed in NMU.  Brian, Andrew: can one of you please send the NMU diff to the
BTS (as per the Debian NMU policy), so that the exact patch used is
available where we can find it for reference if needed?

Thanks,
-- 
Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
Ubuntu Developer                                    http://www.debian.org/
slangasek@ubuntu.com                                     vorlon@debian.org

[signature.asc (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, Samba Debian Maintainers <pkg-samba-maint@lists.alioth.debian.org>:
Bug#699188; Package samba4. (Tue, 12 Feb 2013 05:21:06 GMT) (full text, mbox, link).

Acknowledgement sent to Brian May <brian@microcomaustralia.com.au>:
Extra info received and forwarded to list. Copy sent to Samba Debian Maintainers <pkg-samba-maint@lists.alioth.debian.org>. (Tue, 12 Feb 2013 05:21:06 GMT) (full text, mbox, link).

Message #15 received at 699188@bugs.debian.org (full text, mbox, reply):

[Message part 1 (text/plain, inline)]

On 12 February 2013 15:26, Steve Langasek <vorlon@debian.org> wrote:

> Version: 4.0.0~beta2+dfsg1-3.1
>
> Fixed in NMU.  Brian, Andrew: can one of you please send the NMU diff to
> the
> BTS (as per the Debian NMU policy), so that the exact patch used is
> available where we can find it for reference if needed?
>

Attached the patch from debian/patches/CVE-2013-0172 - is this sufficient?
-- 
Brian May <brian@microcomaustralia.com.au>

[Message part 2 (text/html, inline)]

[CVE-2013-0172 (application/octet-stream, attachment)]

Information forwarded to debian-bugs-dist@lists.debian.org, Samba Debian Maintainers <pkg-samba-maint@lists.alioth.debian.org>:
Bug#699188; Package samba4. (Tue, 12 Feb 2013 05:24:03 GMT) (full text, mbox, link).

Acknowledgement sent to Steve Langasek <vorlon@debian.org>:
Extra info received and forwarded to list. Copy sent to Samba Debian Maintainers <pkg-samba-maint@lists.alioth.debian.org>. (Tue, 12 Feb 2013 05:24:03 GMT) (full text, mbox, link).

Message #20 received at 699188@bugs.debian.org (full text, mbox, reply):

[Message part 1 (text/plain, inline)]

On Tue, Feb 12, 2013 at 04:16:49PM +1100, Brian May wrote:
> On 12 February 2013 15:26, Steve Langasek <vorlon@debian.org> wrote:

> > Version: 4.0.0~beta2+dfsg1-3.1

> > Fixed in NMU.  Brian, Andrew: can one of you please send the NMU diff to
> > the
> > BTS (as per the Debian NMU policy), so that the exact patch used is
> > available where we can find it for reference if needed?

> Attached the patch from debian/patches/CVE-2013-0172 - is this sufficient?

Looks good to me, thanks.

-- 
Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
Ubuntu Developer                                    http://www.debian.org/
slangasek@ubuntu.com                                     vorlon@debian.org

[signature.asc (application/pgp-signature, inline)]

Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sun, 17 Mar 2013 07:27:33 GMT) (full text, mbox, link).

Send a report that this bug log contains spam.

Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 13:35:19 2019; Machine Name: buxtehude

Debian Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2013-0172

Debian Bug report logs - #699188
CVE-2013-0172

Vulmon Search

About

Products

Connect

CVE-2013-0172

Debian Bug report logs - #699188 CVE-2013-0172

Vulmon Search

About

Products

Connect

Debian Bug report logs - #699188
CVE-2013-0172