Debian Bug report logs -
#725942
libapache2-mod-fcgid: CVE-2013-4365
Reported by: Moritz Muehlenhoff <jmm@inutil.org>
Date: Thu, 10 Oct 2013 07:15:01 UTC
Severity: grave
Tags: security
Fixed in versions libapache2-mod-fcgid/1:2.3.9-1, libapache2-mod-fcgid/1:2.3.6-1+squeeze2, libapache2-mod-fcgid/1:2.3.6-1.2+deb7u1
Done: Felix Geyer <fgeyer@debian.org>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Felix Geyer <fgeyer@debian.org>:
Bug#725942; Package libapache2-mod-fcgid.
(Thu, 10 Oct 2013 07:15:06 GMT) (full text, mbox, link).
Acknowledgement sent
to Moritz Muehlenhoff <jmm@inutil.org>:
New Bug report received and forwarded. Copy sent to team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Felix Geyer <fgeyer@debian.org>.
(Thu, 10 Oct 2013 07:15:06 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Package: libapache2-mod-fcgid
Severity: grave
Tags: security
Justification: user security hole
This was assigned CVE-2013-4365:
http://www.mail-archive.com/dev@httpd.apache.org/msg58077.html
Isolated patch:
https://mail-archives.apache.org/mod_mbox/httpd-cvs/201309.mbox/%3C20130929174048.13B962388831@eris.apache.org%3E
Can you prepare updated packages for oldstable/stable and contact team@security.debian.org ?
http://www.debian.org/doc/manuals/developers-reference/pkgs.html#bug-security
Cheers,
Moritz
Reply sent
to Felix Geyer <fgeyer@debian.org>:
You have taken responsibility.
(Thu, 10 Oct 2013 18:06:13 GMT) (full text, mbox, link).
Notification sent
to Moritz Muehlenhoff <jmm@inutil.org>:
Bug acknowledged by developer.
(Thu, 10 Oct 2013 18:06:13 GMT) (full text, mbox, link).
Message #10 received at 725942-close@bugs.debian.org (full text, mbox, reply):
Source: libapache2-mod-fcgid
Source-Version: 1:2.3.9-1
We believe that the bug you reported is fixed in the latest version of
libapache2-mod-fcgid, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 725942@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Felix Geyer <fgeyer@debian.org> (supplier of updated libapache2-mod-fcgid package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 10 Oct 2013 19:49:42 +0200
Source: libapache2-mod-fcgid
Binary: libapache2-mod-fcgid libapache2-mod-fcgid-dbg
Architecture: source amd64
Version: 1:2.3.9-1
Distribution: unstable
Urgency: high
Maintainer: Felix Geyer <fgeyer@debian.org>
Changed-By: Felix Geyer <fgeyer@debian.org>
Description:
libapache2-mod-fcgid - FastCGI interface module for Apache 2
libapache2-mod-fcgid-dbg - debugging symbols for mod_fcgid
Closes: 719534 725942
Changes:
libapache2-mod-fcgid (1:2.3.9-1) unstable; urgency=high
.
* New upstream release.
- Fixes CVE-2013-4365: heap buffer overwrite. (Closes: #725942)
* Further improve the long description. (Closes: #719534)
Checksums-Sha1:
a65d113a6c3596b969d1240969b6e3529ad24f3d 2062 libapache2-mod-fcgid_2.3.9-1.dsc
99d6b24f3f83a3a83d1d93d12a0d5992e3fa7851 107582 libapache2-mod-fcgid_2.3.9.orig.tar.gz
c05d46bb28a40754107f30d0c1977975389b0f31 5659 libapache2-mod-fcgid_2.3.9-1.debian.tar.gz
2f11a1c429b0907fbfbb48aef37fc1971068c3a1 67528 libapache2-mod-fcgid_2.3.9-1_amd64.deb
7f234d7237d0b052ab3b86e170b0f96c14c2884b 121062 libapache2-mod-fcgid-dbg_2.3.9-1_amd64.deb
Checksums-Sha256:
051483c86746a2aaec16da380e7377d451cdbf9681ce7c5a0846ea98e7d2cdc5 2062 libapache2-mod-fcgid_2.3.9-1.dsc
1cbad345e3376b5d7c8f9a62b471edd7fa892695b90b79502f326b4692a679cf 107582 libapache2-mod-fcgid_2.3.9.orig.tar.gz
b94f0b768f5cc5080ed312923db04baa16db4293d1859f50bbe001702336b35e 5659 libapache2-mod-fcgid_2.3.9-1.debian.tar.gz
e871c9c7be2ba3e2f9f7b7932f9fbf24010d591626a441e773f596feff3202ce 67528 libapache2-mod-fcgid_2.3.9-1_amd64.deb
46f65cee9fdc6e9d2bcdd3638edc204ea334baa4fbe436fbe11bbcb05ba49250 121062 libapache2-mod-fcgid-dbg_2.3.9-1_amd64.deb
Files:
cc2e7385fa5ef7a3e3d2b2e4ebc75b52 2062 httpd optional libapache2-mod-fcgid_2.3.9-1.dsc
ece4c66f0c05d216fc96969fcf3d1add 107582 httpd optional libapache2-mod-fcgid_2.3.9.orig.tar.gz
914a8859a5a39afb86bf03b1abd584a6 5659 httpd optional libapache2-mod-fcgid_2.3.9-1.debian.tar.gz
8ec3ca71719c7e17f1ce6557ec86a354 67528 httpd optional libapache2-mod-fcgid_2.3.9-1_amd64.deb
9b06d4cc28b9fbd1d94451ccb127a7bd 121062 debug extra libapache2-mod-fcgid-dbg_2.3.9-1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
iQIcBAEBCAAGBQJSVuoFAAoJEP4ixv2DE11FD4wP/AnHfkFQ6kI8w18LXC+5A3Qb
6YUjoSlKfCePtWBKyVoQ1frGF2fhGYbX5iRWMaPIQLqPsaxLw9T5aG6EyRhhRWI8
ceV3RkkIWjnQ4+cGCmPnt9D3z3wQ/ndwMEWFf5CHoS7veXKEwC51o6PyCSaMwiMQ
qoIdkxyAq1hx8ISfyJVhvwN+42sPlolve9PyMGaPVVU1q2gkCbaadUw+hDHnWq+R
RUpA/klTtA3925TPMaoAIkN8yBa9GrgghqoaDQajpuDzzA0VVPztcnj1IiAwVstb
B7S+WJSx+J80GnM2WfPjJzIal+y1iTGx61Msi+8XlQ50t7Op5N8WIVlwF3CuzwTz
L6+vtlYKbwaru34HArOQgV8/xoJ2pVwin8ZdhMaroM6F26PRRGlAym2rh5bssFgO
xY7IBK1QufByTOxKjK4srNuwtrErAkW13bzTt2myxHvf6j6+9ZaAGjDtG9WXDj7A
SstdZlkIvhjrEOjgq3U2S5EdjnYezEM+fv6UUKiCCPt8kaOdJrbBSbYbrNNwlfHZ
MxkuoAmuzfazLlTEjI9Ms63PUyJwkMSQQKqc1DypC/8OjuVTBmYZt8hnbbePOOzb
oAqBvhgXqIeu71o3MJ3IDfMs3cdg0Oc7Tps/REx3iI+1Ivg16uLPdWgJenNSL05x
S/36zpZPxTPvvtkxMO81
=kJ1Z
-----END PGP SIGNATURE-----
Information forwarded
to debian-bugs-dist@lists.debian.org:
Bug#725942; Package libapache2-mod-fcgid.
(Thu, 10 Oct 2013 20:03:04 GMT) (full text, mbox, link).
Acknowledgement sent
to Felix Geyer <fgeyer@debian.org>:
Extra info received and forwarded to list.
(Thu, 10 Oct 2013 20:03:04 GMT) (full text, mbox, link).
Message #15 received at 725942@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
On 10.10.2013 09:06, Moritz Muehlenhoff wrote:
> Package: libapache2-mod-fcgid
> Severity: grave
> Tags: security
> Justification: user security hole
>
> This was assigned CVE-2013-4365:
> http://www.mail-archive.com/dev@httpd.apache.org/msg58077.html
>
> Isolated patch:
> https://mail-archives.apache.org/mod_mbox/httpd-cvs/201309.mbox/%3C20130929174048.13B962388831@eris.apache.org%3E
>
> Can you prepare updated packages for oldstable/stable and contact team@security.debian.org ?
> http://www.debian.org/doc/manuals/developers-reference/pkgs.html#bug-security
I've prepared updates for wheezy and squeeze, see the attached debdiffs.
Please let me know if I should upload these.
Cheers,
Felix
[libapache2-mod-fcgid_2.3.6-1+squeeze2.debdiff (text/plain, attachment)]
[libapache2-mod-fcgid_2.3.6-1.2+deb7u1.debdiff (text/plain, attachment)]
[signature.asc (application/pgp-signature, attachment)]
Information forwarded
to debian-bugs-dist@lists.debian.org, Felix Geyer <fgeyer@debian.org>:
Bug#725942; Package libapache2-mod-fcgid.
(Fri, 11 Oct 2013 05:00:05 GMT) (full text, mbox, link).
Acknowledgement sent
to Salvatore Bonaccorso <carnil@debian.org>:
Extra info received and forwarded to list. Copy sent to Felix Geyer <fgeyer@debian.org>.
(Fri, 11 Oct 2013 05:00:05 GMT) (full text, mbox, link).
Message #20 received at 725942@bugs.debian.org (full text, mbox, reply):
Hi Felix,
On Thu, Oct 10, 2013 at 09:42:10PM +0200, Felix Geyer wrote:
> On 10.10.2013 09:06, Moritz Muehlenhoff wrote:
> > Package: libapache2-mod-fcgid
> > Severity: grave
> > Tags: security
> > Justification: user security hole
> >
> > This was assigned CVE-2013-4365:
> > http://www.mail-archive.com/dev@httpd.apache.org/msg58077.html
> >
> > Isolated patch:
> > https://mail-archives.apache.org/mod_mbox/httpd-cvs/201309.mbox/%3C20130929174048.13B962388831@eris.apache.org%3E
> >
> > Can you prepare updated packages for oldstable/stable and contact team@security.debian.org ?
> > http://www.debian.org/doc/manuals/developers-reference/pkgs.html#bug-security
>
> I've prepared updates for wheezy and squeeze, see the attached debdiffs.
> Please let me know if I should upload these.
The debdiffs look good. Could you please upload both to
security-master? For the wheezy-security upload it's the first one in
the security-archive so it needs to be built with -sa.
Thanks for your work!
Regards,
Salvatore
Reply sent
to Felix Geyer <fgeyer@debian.org>:
You have taken responsibility.
(Sat, 12 Oct 2013 18:51:09 GMT) (full text, mbox, link).
Notification sent
to Moritz Muehlenhoff <jmm@inutil.org>:
Bug acknowledged by developer.
(Sat, 12 Oct 2013 18:51:09 GMT) (full text, mbox, link).
Message #25 received at 725942-close@bugs.debian.org (full text, mbox, reply):
Source: libapache2-mod-fcgid
Source-Version: 1:2.3.6-1+squeeze2
We believe that the bug you reported is fixed in the latest version of
libapache2-mod-fcgid, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 725942@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Felix Geyer <fgeyer@debian.org> (supplier of updated libapache2-mod-fcgid package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 10 Oct 2013 21:21:29 +0200
Source: libapache2-mod-fcgid
Binary: libapache2-mod-fcgid libapache2-mod-fcgid-dbg
Architecture: source amd64
Version: 1:2.3.6-1+squeeze2
Distribution: squeeze-security
Urgency: high
Maintainer: Tatsuki Sugiura <sugi@nemui.org>
Changed-By: Felix Geyer <fgeyer@debian.org>
Description:
libapache2-mod-fcgid - an alternative module compat with mod_fastcgi
libapache2-mod-fcgid-dbg - debugging symbols for mod_fcgid
Closes: 725942
Changes:
libapache2-mod-fcgid (1:2.3.6-1+squeeze2) squeeze-security; urgency=high
.
* Fix CVE-2013-4365: heap buffer overwrite. (Closes: #725942)
- Add debian/patches/30_CVE-2013-4365.dpatch
Checksums-Sha1:
ac314473ce79f6924bf2cb7db9948034e24ae018 1923 libapache2-mod-fcgid_2.3.6-1+squeeze2.dsc
b41e2871ceb3044bfe97d1a8f8f56487ebf504b9 5835 libapache2-mod-fcgid_2.3.6-1+squeeze2.diff.gz
3f3c5e67fde3409efb3b0f8c882e734ddc3d8485 74546 libapache2-mod-fcgid_2.3.6-1+squeeze2_amd64.deb
db61448b707e9b075c088e356dc9833669691d0f 13932 libapache2-mod-fcgid-dbg_2.3.6-1+squeeze2_amd64.deb
Checksums-Sha256:
60ee68b7f396f78acb77f16cc6b9841bae3c6ca3d3217ed771a119cef515b98f 1923 libapache2-mod-fcgid_2.3.6-1+squeeze2.dsc
3c2cf23247e0ac779f2cad19d6601beb5e07db6b5d39b6274c841ce6abfda81b 5835 libapache2-mod-fcgid_2.3.6-1+squeeze2.diff.gz
3253bfb46e5aec8729fcc09fe9ba4c6c3d7158ae29c3146a1861a12e4d27ed4e 74546 libapache2-mod-fcgid_2.3.6-1+squeeze2_amd64.deb
e416905d249f842d7735331553c0394eeaaf2b98727b4f4c2b4cb8ccb8ad3e7b 13932 libapache2-mod-fcgid-dbg_2.3.6-1+squeeze2_amd64.deb
Files:
8a2c37068208d198afe7ecfbeee4a69f 1923 httpd optional libapache2-mod-fcgid_2.3.6-1+squeeze2.dsc
a91b272f7009df4a6d272eae4abbf410 5835 httpd optional libapache2-mod-fcgid_2.3.6-1+squeeze2.diff.gz
9738598a745038da91043b722a32955b 74546 httpd optional libapache2-mod-fcgid_2.3.6-1+squeeze2_amd64.deb
5dbbdd903f4c504d03cae9b2ec3330cd 13932 debug extra libapache2-mod-fcgid-dbg_2.3.6-1+squeeze2_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
iQIcBAEBCAAGBQJSWDGuAAoJEP4ixv2DE11FrJMQAL1i8AN0V0OdH2a4N38pBRXo
qe9zfP97t4anmt6WdLYFH4xiKi3KIQ6BquKrbtm5ivnI05DsGPzfOQSsKdYtLh4q
xbpmOG4G19FJY3Lyuh9xxrLvzOFVfFl85jPJUuPawXb9oiHnTZE2MIMIXbvlPLca
PNaMUHzW1P2BKH0whvn1brDiLLDUGa8aePKNFHDByo25GUer4AIVF15FHG4TcbkF
X8H1gdVUv0nrSi7vWUglsi5ZyOP2FBFYTTM2BA/1wYuuvUdgXp9KmJ58bta8c5C5
cCvtMlYbuSBp//xgDE3n2H24s3D2NPnlXFkTtVKJfAM9IYUeX8p71K4jMcxoBYou
YJk9/uLB7KuGMxUTqWVFBb6CsWBUUQfcWCcUTIY1VECvQxcTjw7pl5oFfmLOWEH8
sk6SDHcY2FxpNscslWcow7nls9102yEi4TzYHPoM96VVTzzyxIaPTkjBaZOoxZzf
mWAtSKhMx2pP/vEsfMR43/Zy/Cxlesr59lS6EwE3thUvoNArXt5WhkKUIbXDvROE
DzafywVw297Le2Eh9MvzkRSoz5eGPUttAYyeA+z34CVOXJN3AgrxL4qji/nW6ey+
Jh8TNw3qP0OC2QOiwxHoV/TPiOR3zg+Cth47gJVzIf6h5mLhJ4qKp+XcvK2LdF3K
qcRVesoqP7Xa9sqe4TZ9
=0R9y
-----END PGP SIGNATURE-----
Reply sent
to Felix Geyer <fgeyer@debian.org>:
You have taken responsibility.
(Sat, 12 Oct 2013 19:57:58 GMT) (full text, mbox, link).
Notification sent
to Moritz Muehlenhoff <jmm@inutil.org>:
Bug acknowledged by developer.
(Sat, 12 Oct 2013 19:57:58 GMT) (full text, mbox, link).
Message #30 received at 725942-close@bugs.debian.org (full text, mbox, reply):
Source: libapache2-mod-fcgid
Source-Version: 1:2.3.6-1.2+deb7u1
We believe that the bug you reported is fixed in the latest version of
libapache2-mod-fcgid, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 725942@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Felix Geyer <fgeyer@debian.org> (supplier of updated libapache2-mod-fcgid package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 10 Oct 2013 20:02:54 +0200
Source: libapache2-mod-fcgid
Binary: libapache2-mod-fcgid libapache2-mod-fcgid-dbg
Architecture: source amd64
Version: 1:2.3.6-1.2+deb7u1
Distribution: wheezy-security
Urgency: high
Maintainer: Tatsuki Sugiura <sugi@nemui.org>
Changed-By: Felix Geyer <fgeyer@debian.org>
Description:
libapache2-mod-fcgid - an alternative module compat with mod_fastcgi
libapache2-mod-fcgid-dbg - debugging symbols for mod_fcgid
Closes: 725942
Changes:
libapache2-mod-fcgid (1:2.3.6-1.2+deb7u1) wheezy-security; urgency=high
.
* Fix CVE-2013-4365: heap buffer overwrite. (Closes: #725942)
- Add debian/patches/40_CVE-2013-4365.dpatch
Checksums-Sha1:
b3a1229238704341e73989b86a110b971d5387c9 2021 libapache2-mod-fcgid_2.3.6-1.2+deb7u1.dsc
018245896f331909e896685ab3ca86b163846e4d 101883 libapache2-mod-fcgid_2.3.6.orig.tar.gz
634b58d8241a6b35dd8f761cdf0d13d451903e92 6642 libapache2-mod-fcgid_2.3.6-1.2+deb7u1.diff.gz
0adcdb2b5015a92823b0960032733f3a54b30e14 74950 libapache2-mod-fcgid_2.3.6-1.2+deb7u1_amd64.deb
f958d200e84e50b5546c1cad10689b038a2a7505 14086 libapache2-mod-fcgid-dbg_2.3.6-1.2+deb7u1_amd64.deb
Checksums-Sha256:
bc06126ccc7e6e598fb6252d8a1a5bb6032b269fbd8bbb53a94438b7549035f8 2021 libapache2-mod-fcgid_2.3.6-1.2+deb7u1.dsc
e831795498d91cf27a519ea1332c2a92a2a9920b0844d817b2ea7f079056d12b 101883 libapache2-mod-fcgid_2.3.6.orig.tar.gz
0ab6d4d071383eb12dadbfcfa1513256f99712c2b217877625f99fa6a6e2ae55 6642 libapache2-mod-fcgid_2.3.6-1.2+deb7u1.diff.gz
eef313d9e6bea6d5356a4928c30de0ce83c2fcfe689d4deb486bd0c5e2baa36a 74950 libapache2-mod-fcgid_2.3.6-1.2+deb7u1_amd64.deb
ce31653221fa56eb224d01d31fafac28696757a045249654dfc0f935a09dbc8c 14086 libapache2-mod-fcgid-dbg_2.3.6-1.2+deb7u1_amd64.deb
Files:
96902d8af9f535e9165dbe429888002d 2021 httpd optional libapache2-mod-fcgid_2.3.6-1.2+deb7u1.dsc
fbfc115eb47cd9bda91269743aba5e83 101883 httpd optional libapache2-mod-fcgid_2.3.6.orig.tar.gz
2f0e7c7d95bed63acd79009f9941db9d 6642 httpd optional libapache2-mod-fcgid_2.3.6-1.2+deb7u1.diff.gz
5420ecd0a58dcf83ca6e99ae86f57e67 74950 httpd optional libapache2-mod-fcgid_2.3.6-1.2+deb7u1_amd64.deb
39c06a4e1877c1b9745d183eb14edd8c 14086 debug extra libapache2-mod-fcgid-dbg_2.3.6-1.2+deb7u1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
iQIcBAEBCAAGBQJSWDAqAAoJEP4ixv2DE11F01gP/iHk8IWo9tXJQDZWyY06t+31
Do6+IeXrIGGKul6U629YICaAqXm2bAxPSN/WD9tqh0zhcjzg2+c/IKvkctJwIAPB
gpfxfZ1hIgbX2xZitIo00PqLamh4hG8E0U+rEdDHMGq6g+dmBVcntq2ZJYsQS80n
FFiHebLpgt83Hh9wp3xvx9lqeAWSjk/c1Rkw6bHWXGIRRm8Bnzb7V4bMR3jYf2qy
Yk9DcS0kDbYWFB9ziDZE1NqU4f5UKSa0tXp1uEVsttg2yxjmuYedhK/25S0qtVGi
qA5Jkt58ck95BI0uIzvodF37popYh5vocAHIvlapLyVbdfFi6almf9z3TAgj6dAc
HCdEFfPD3HpDvSs+GH2ddNC0ZkYzYDLwfUY59FJAy8KYUxDmpuSGtBfEHkciaMKu
EHa9S4j5RAXYoLrxEB0eaenBxtNIXD6TWQ+YsrLKZ/UHW5LKA3kWHqNFA1U0ZOcC
QdmxLGuB/TeogdbzRoWq6tRL7Mof7jx3xNF+4kHOSHYgf9dchuXlN4UMfRaWBg4G
MDrjEiMjVeRWdgInzVAwb0imaY28XQA6UDiBr6bBe9RC6e+PMeGPXHyk/A14uvwu
ggNE0GaoSN5eOTd7TsAWaukt69RJD0AHigtucqQ4Nfx7Nsu5cSF5OA5yBb3CyGUy
gJSMFyXMwm2O3/kD87lw
=QuQT
-----END PGP SIGNATURE-----
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Sun, 15 Dec 2013 07:29:25 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Jun 19 18:44:49 2019;
Machine Name:
buxtehude
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.
Vulmon