Debian Bug report logs -
#876462
otrs2: CVE-2017-14635: Code Injection / Privilege Escalation OTRS
Reported by: Salvatore Bonaccorso <carnil@debian.org>
Date: Fri, 22 Sep 2017 14:33:02 UTC
Severity: grave
Tags: security, upstream
Found in version otrs2/3.3.9-3
Fixed in versions otrs2/5.0.23-1, otrs2/5.0.16-1+deb9u2, otrs2/3.3.18-1+deb8u1
Done: Patrick Matthäi <pmatthaei@debian.org>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Patrick Matthäi <pmatthaei@debian.org>:
Bug#876462; Package src:otrs2.
(Fri, 22 Sep 2017 14:33:04 GMT) (full text, mbox, link).
Acknowledgement sent
to Salvatore Bonaccorso <carnil@debian.org>:
New Bug report received and forwarded. Copy sent to carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Patrick Matthäi <pmatthaei@debian.org>.
(Fri, 22 Sep 2017 14:33:04 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Source: otrs2
Version: 3.3.9-3
Severity: grave
Tags: upstream security
Hi,
the following vulnerability was published for otrs2.
CVE-2017-14635[0]:
| In Open Ticket Request System (OTRS) 3.3.x before 3.3.18, 4.x before
| 4.0.25, and 5.x before 5.0.23, remote authenticated users can leverage
| statistics-write permissions to gain privileges via code injection.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2017-14635
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14635
[1] https://www.otrs.com/security-advisory-2017-04-security-update-otrs-versions/
Unfortunately the patches are not referenced, so must be researched in
the repository.
Regards,
Salvatore
Information forwarded
to debian-bugs-dist@lists.debian.org, Patrick Matthäi <pmatthaei@debian.org>:
Bug#876462; Package src:otrs2.
(Sun, 24 Sep 2017 21:36:06 GMT) (full text, mbox, link).
Acknowledgement sent
to Markus Koschany <apo@debian.org>:
Extra info received and forwarded to list. Copy sent to Patrick Matthäi <pmatthaei@debian.org>.
(Sun, 24 Sep 2017 21:36:06 GMT) (full text, mbox, link).
Message #10 received at 876462@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
On Fri, 22 Sep 2017 16:31:00 +0200 Salvatore Bonaccorso
<carnil@debian.org> wrote:
[...]
> Unfortunately the patches are not referenced, so must be researched in
> the repository.
I had a look at this issue. I have found
https://github.com/OTRS/otrs/commit/a4093dc404fcbd87b235b31c72913141672f2a85
which was introduced in version 5.0.23 that fixed the vulnerability. It
is the only commit that mentions the keywords agent and statistics but
I'm not sure if the commit is sufficient. I suggest to contact upstream
about this and ask for a clarification.
Regards,
Markus
[signature.asc (application/pgp-signature, attachment)]
Information forwarded
to debian-bugs-dist@lists.debian.org, Patrick Matthäi <pmatthaei@debian.org>:
Bug#876462; Package src:otrs2.
(Thu, 28 Sep 2017 08:42:03 GMT) (full text, mbox, link).
Acknowledgement sent
to pmatthaei@debian.org:
Extra info received and forwarded to list. Copy sent to Patrick Matthäi <pmatthaei@debian.org>.
(Thu, 28 Sep 2017 08:42:03 GMT) (full text, mbox, link).
Message #15 received at 876462@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
Hello Martin and everyone else,
could you help here? Is this the correct commit for CVE-2017-14635?
-------- Weitergeleitete Nachricht --------
On Fri, 22 Sep 2017 16:31:00 +0200 Salvatore Bonaccorso
<carnil@debian.org> wrote:
[...]
> Unfortunately the patches are not referenced, so must be researched in
> the repository.
I had a look at this issue. I have found
https://github.com/OTRS/otrs/commit/a4093dc404fcbd87b235b31c72913141672f2a85
which was introduced in version 5.0.23 that fixed the vulnerability. It
is the only commit that mentions the keywords agent and statistics but
I'm not sure if the commit is sufficient. I suggest to contact upstream
about this and ask for a clarification.
Regards,
Markus
[signature.asc (application/pgp-signature, attachment)]
Reply sent
to Patrick Matthäi <pmatthaei@debian.org>:
You have taken responsibility.
(Thu, 28 Sep 2017 09:12:12 GMT) (full text, mbox, link).
Notification sent
to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer.
(Thu, 28 Sep 2017 09:12:12 GMT) (full text, mbox, link).
Message #20 received at 876462-close@bugs.debian.org (full text, mbox, reply):
Source: otrs2
Source-Version: 5.0.23-1
We believe that the bug you reported is fixed in the latest version of
otrs2, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 876462@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Patrick Matthäi <pmatthaei@debian.org> (supplier of updated otrs2 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 28 Sep 2017 10:42:32 +0200
Source: otrs2
Binary: otrs2 otrs
Architecture: source all
Version: 5.0.23-1
Distribution: unstable
Urgency: high
Maintainer: Patrick Matthäi <pmatthaei@debian.org>
Changed-By: Patrick Matthäi <pmatthaei@debian.org>
Description:
otrs - Open Ticket Request System (OTRS 5)
otrs2 - Open Ticket Request System
Closes: 876462
Changes:
otrs2 (5.0.23-1) unstable; urgency=high
.
* New upstream release.
- This fixes OSA-2017-04, also known as CVE-2017-14635: An attacker who is
logged into OTRS as an agent with write permissions for statistics can
inject arbitrary code into the system. This can lead to serious problems
like privilege escalation, data loss, and denial of service.
Closes: #876462
- Refresh patch 07-otrs-business-check.
- Refresh patch 09-disable-DashboardProductNotify.
- Refresh patch 11-do-not-test-file-writes.
- Refresh patch 14-font-paths.
* Bump Standards-Version to 4.1.0 (no changes required).
Checksums-Sha1:
23630e93793b37ea60d0328715da83e4e60b7df8 1811 otrs2_5.0.23-1.dsc
3bf7973acea1871d54dc7950203543b801747c29 20617459 otrs2_5.0.23.orig.tar.bz2
6db4263d55e03d709881308390f9541c985a8a01 45448 otrs2_5.0.23-1.debian.tar.xz
217565ba8a812664725c7e27fe2bc1dbf12e23e4 7423940 otrs2_5.0.23-1_all.deb
139268e037e87e74c18767456b455a069a4af3d8 7461 otrs2_5.0.23-1_amd64.buildinfo
670dc22b6666b1dc5f8a8ae016036070bbe6537e 221318 otrs_5.0.23-1_all.deb
Checksums-Sha256:
f32c8e8424991b32e4935619a984a802e95d18280aa9398e8b058541d6335c40 1811 otrs2_5.0.23-1.dsc
5e12affbccde0cae5738de1d0c7334e655b4c373ea668913ec54f31564b128c4 20617459 otrs2_5.0.23.orig.tar.bz2
b0872483e218162df871ce7f8dff030df2cc1bbb87d48555d25ecc19ee97010a 45448 otrs2_5.0.23-1.debian.tar.xz
df5e2cb57db60cda963bccfbf7377916b4ec3db9c4e8af223ef98923c4bd20cd 7423940 otrs2_5.0.23-1_all.deb
7ee2f0da08d24bd624a5ea67d55914605b0589b58fdb6d74b4a972150d893000 7461 otrs2_5.0.23-1_amd64.buildinfo
0151020298c855e189df8220e3abf1a9e9e17581e5e622ded60767c2eed5861e 221318 otrs_5.0.23-1_all.deb
Files:
14b2e3fc8fb2c5a4d07798b6d621cce4 1811 non-free/web optional otrs2_5.0.23-1.dsc
28ab33486648dd4f6f994429636d9c27 20617459 non-free/web optional otrs2_5.0.23.orig.tar.bz2
10ef95fa4d183638cecb82c1b3552d63 45448 non-free/web optional otrs2_5.0.23-1.debian.tar.xz
cc0334c9696939d6620d59ebc98d88a2 7423940 non-free/web optional otrs2_5.0.23-1_all.deb
9f638b8fb891af99583f894357ac6ac2 7461 non-free/web optional otrs2_5.0.23-1_amd64.buildinfo
b70edd934a2734902995dd19d0c10ef1 221318 non-free/web optional otrs_5.0.23-1_all.deb
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEWKA9xYJCWk3IuQ4TEtmwSpDL2OQFAlnMt6gACgkQEtmwSpDL
2OTPEg//VE248Gt8A9I4fobIPiAeFDBELtmjgR6tm0CRgY8SGE9B1cLb+68jweIZ
GJDAVWjvvFeRlKq0XtAO8gbtCstrM63My/zvc5Tb7oUcXGGJn8uxRzSO5qRA1rti
pZ7BvqtTfLL9YoGvpeW8JQyki+xI3U2N7GuM1Wpd8W4E3y1DS672rFe0bInFJ9sZ
H4Z2Q9032+2j2dKXYu7Tyvtp9dIX8GYVah4IeBXs/py7IZkflBJojuT10Enm85a7
UKSLw40FOb50JJ6i/Ym4RgTCVGy5yzsi3eIbtkr5MdlTvUiOW/xCHc6no2wRZbSM
AG/BfNbBjjmUiOPZR1Uwv0IyCORw9+brRc495YVOIRmevaRZYuS461cDf1yqWHI3
bsxnLwBsaN+X3JuV63sKXjaYg3wJtYWwbGYIfQpudpkDUG4Yh9T2gS+45vRSE0oI
DmoY9feQkI0zb/N4R0K9GmECxGtU5FLX/i4u4tMJBgVZqi2c2xXOMdcHx87/DRcG
SEWUsuPnjGtEDzDM+KpKl74oueQSRA4liCPBIGbfltzW84xO8r0UOl04dRd/0LcW
Otr5BeK2AtsFthzN/sffRJ11IVHuG2hHHr4oLqHw1I2ZR1Jax5gURkyWknf9aNBX
uYMG+QcCsaM08M4uYA8M9rIe2LgUxuE2Up3ZGYEKSI0SIWusZX4=
=3Lx0
-----END PGP SIGNATURE-----
Reply sent
to Patrick Matthäi <pmatthaei@debian.org>:
You have taken responsibility.
(Sun, 12 Nov 2017 15:36:26 GMT) (full text, mbox, link).
Notification sent
to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer.
(Sun, 12 Nov 2017 15:36:26 GMT) (full text, mbox, link).
Message #25 received at 876462-close@bugs.debian.org (full text, mbox, reply):
Source: otrs2
Source-Version: 5.0.16-1+deb9u2
We believe that the bug you reported is fixed in the latest version of
otrs2, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 876462@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Patrick Matthäi <pmatthaei@debian.org> (supplier of updated otrs2 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 06 Nov 2017 15:22:44 +0100
Source: otrs2
Binary: otrs2 otrs
Architecture: source all
Version: 5.0.16-1+deb9u2
Distribution: stretch-security
Urgency: high
Maintainer: Patrick Matthäi <pmatthaei@debian.org>
Changed-By: Patrick Matthäi <pmatthaei@debian.org>
Description:
otrs - Open Ticket Request System (OTRS 5)
otrs2 - Open Ticket Request System
Closes: 876462
Changes:
otrs2 (5.0.16-1+deb9u2) stretch-security; urgency=high
.
* Add patch 16-CVE-2017-14635:
This fixes OSA-2017-04, also known as CVE-2017-14635: An attacker who is
logged into OTRS as an agent with write permissions for statistics can
inject arbitrary code into the system. This can lead to serious problems
like privilege escalation, data loss, and denial of service.
Closes: #876462
Checksums-Sha1:
5655db3601cf33f09ea61489f08278d6bf2534f6 1838 otrs2_5.0.16-1+deb9u2.dsc
5538c2b9138a0b6d5816ff034507dd5ce26abf8d 19417591 otrs2_5.0.16.orig.tar.bz2
07a432686256089532a2eae170cd41c9e95aeea8 49336 otrs2_5.0.16-1+deb9u2.debian.tar.xz
960222a0fe0bf4d45cfc007d346c4daa07c738dd 7053058 otrs2_5.0.16-1+deb9u2_all.deb
102937f5fbb265d12bb03462a7c033f064ad2b74 7244 otrs2_5.0.16-1+deb9u2_amd64.buildinfo
7f076896f13bf4bf58302d75bfb8aff9a6595623 213016 otrs_5.0.16-1+deb9u2_all.deb
Checksums-Sha256:
65e92d009a89eefc3f63d3548d854b49d7bb7c7e3635823bee136ae0b3308f5d 1838 otrs2_5.0.16-1+deb9u2.dsc
ddec039990c1bdfc27299ab175eff3e1665aa99ba48050f7f2dde480b28f4029 19417591 otrs2_5.0.16.orig.tar.bz2
41f0e5896b4e6c057cdc832284d300d783111d1a0bda07d273aab162cf5ec9f5 49336 otrs2_5.0.16-1+deb9u2.debian.tar.xz
e4d8e1e7859f360dce30a4fbf91e82ead507610c3ebace0e492f64bcf59b93e3 7053058 otrs2_5.0.16-1+deb9u2_all.deb
27dca46f41693309b5c7b612c93d77f34bc235bf1f9f84332b24acfbb29f8e11 7244 otrs2_5.0.16-1+deb9u2_amd64.buildinfo
dbd387ecf16b9314a361b3405e9b7864bbff7eb17d05e947270e6d6066bf7843 213016 otrs_5.0.16-1+deb9u2_all.deb
Files:
86ce04c7c2f5062cf263223bd1a373c9 1838 non-free/web optional otrs2_5.0.16-1+deb9u2.dsc
9fe21e6993bcac71247fdcaf5e1f4e55 19417591 non-free/web optional otrs2_5.0.16.orig.tar.bz2
66cd6c830e1844ae341f8182d64b8f5a 49336 non-free/web optional otrs2_5.0.16-1+deb9u2.debian.tar.xz
62d6b4e61ba29715a47e12ea7a912a4d 7053058 non-free/web optional otrs2_5.0.16-1+deb9u2_all.deb
56d00a735d6c411f884f5fbc462ac74d 7244 non-free/web optional otrs2_5.0.16-1+deb9u2_amd64.buildinfo
1494511f24abab4e879e33a38b278b99 213016 non-free/web optional otrs_5.0.16-1+deb9u2_all.deb
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEWKA9xYJCWk3IuQ4TEtmwSpDL2OQFAloAcc8ACgkQEtmwSpDL
2OTSNw/9GAwal8NbhrRyNn1RvxWF8msT48ES0NFUL0gmc0jQTRPtsEY1c01wV2Hm
jiAHhRcfM3CUxQuF7gO/EazVDcotl8JunHOFvqgiOiJG+fSpkJK9l7DoWGLtba88
BtYlaAuuwrAAhm9YOilNKMrrOKspOhAL4F8o7P/V61X7W9IOjfIuCeAijP47BCX2
p6MwNBfNhF7L9fNoVLMoZMgUMpkkvEgUx1tJSf4lX1dOLlnPOiDAKtuB5zcQuorb
jwu9MHPKWUGo6qVoKJ7KLyjrKgmTWxpbYsI0Yfr2IZWdwLwqhaqWcD7wQv/7A0xo
99dwoEwKh9+aXD4169W0sR3VJElJxO3bSK/sYNXJfSJOGo5XxASi1x+zDLOaBFU2
CI4xUTICEHxZ1gV0iCvJL8oS0jUyd8XXtRO30GiegC/OQ1sKTPu4TLEfJLGVF817
7LlpfSsE8styOc3vrO+CFxTj/2TICy4fC5Pe14+aunO5uAz2rFlNarmyfwNCafuo
GRTw7gImeOCEVDo9iwSjdq/OOKWhHfyh6xpZx7YErVvq8VvXdkFvmVolYHonxNKM
OjYAKvJw7HD3VZAyWg0VCyh8pOJ9/nyb09eij7OPDCOxiIidd/+WuPlh48TaqX4Y
Vw1s9UeVAptq78EtZuww6hUmUwsozbhLksIuX2ajjbO7o1IU9Ko=
=IWgL
-----END PGP SIGNATURE-----
Reply sent
to Patrick Matthäi <pmatthaei@debian.org>:
You have taken responsibility.
(Sat, 18 Nov 2017 22:24:08 GMT) (full text, mbox, link).
Notification sent
to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer.
(Sat, 18 Nov 2017 22:24:08 GMT) (full text, mbox, link).
Message #30 received at 876462-close@bugs.debian.org (full text, mbox, reply):
Source: otrs2
Source-Version: 3.3.18-1+deb8u1
We believe that the bug you reported is fixed in the latest version of
otrs2, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 876462@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Patrick Matthäi <pmatthaei@debian.org> (supplier of updated otrs2 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 06 Nov 2017 15:08:08 +0100
Source: otrs2
Binary: otrs2 otrs
Architecture: source all
Version: 3.3.18-1+deb8u1
Distribution: jessie-security
Urgency: high
Maintainer: Patrick Matthäi <pmatthaei@debian.org>
Changed-By: Patrick Matthäi <pmatthaei@debian.org>
Description:
otrs - Open Ticket Request System (OTRS 3)
otrs2 - Open Ticket Request System
Closes: 767517 772287 876462
Changes:
otrs2 (3.3.18-1+deb8u1) jessie-security; urgency=high
.
* New upstream release.
- Refresh patches 03-backup, 04-opt, 05-database, 06-no-installer,
09-disable-DashboardProductNotify,
10-nice-packagemanager-permissions-message, 12-use-debian-libjs-packages,
13-load-debian-libjs, 14-font-paths and 15-dbupdate-as-root.
- This fixes OSA-2017-04, also known as CVE-2017-14635: An attacker who is
logged into OTRS as an agent with write permissions for statistics can
inject arbitrary code into the system. This can lead to serious problems
like privilege escalation, data loss, and denial of service.
Closes: #876462
.
otrs2 (3.3.11-1) experimental; urgency=low
.
* New upstream release.
- Fixes CVE-2014-9324, also known as OSA-2014-06.
- Refresh hunky patch 03-backup.
- Refresh hunky patch 07-dont-chown-links.
- Refresh hunky patch 10-nice-packagemanager-permissions-message.
- Refresh hunky patch 11-fix-SetPermissions-to-include-some-more-dirs.
* Watch again all releases.
* Do not install auto_build.sh.
Closes: #772287
* Merge 3.3.9-3 changelog.
.
otrs2 (3.3.10-1) experimental; urgency=low
.
* New upstream release.
- Refresh hunky patch 03-backup.
- non-free flash files have been removed.
- Remove an extra license file.
* Move database servers from recommends to suggest and add Postgres and MySQL
clients to recommends.
Closes: #767517
Checksums-Sha1:
a04254e17e91dca322d0ad7019b86d3c69844abc 1820 otrs2_3.3.18-1+deb8u1.dsc
7f45cf5336e9ce5d507a935241f042bdfdf85845 21067692 otrs2_3.3.18.orig.tar.bz2
815c7827d646406c29c321c9311a3141a31c0dff 39624 otrs2_3.3.18-1+deb8u1.debian.tar.xz
90f8d6efeb034cbe256f8c0da483cfd90382dc27 5644062 otrs2_3.3.18-1+deb8u1_all.deb
4efbbaa190282da9c7e17ffe473650dfa9a4a2bb 188306 otrs_3.3.18-1+deb8u1_all.deb
Checksums-Sha256:
31c34d7910e1748f409656275a7b8d298ad2415e445f870e90993af21658f9b1 1820 otrs2_3.3.18-1+deb8u1.dsc
9d6e4e44316c6812f35618be50d8951a0c2e0d917752610fada936c466bea453 21067692 otrs2_3.3.18.orig.tar.bz2
a9e7423f95a826e09db7224b9eae0169bfb7167a0b1b5f804def85dc33dd60fe 39624 otrs2_3.3.18-1+deb8u1.debian.tar.xz
a0d31800d752f1e20ac9d563b076d81c6c0f7252589d5ea9de9be12e1cfa3bdd 5644062 otrs2_3.3.18-1+deb8u1_all.deb
8167a4f4ac3702816c6f64afe73b80986c8332b22820726d61da1c06aa889d44 188306 otrs_3.3.18-1+deb8u1_all.deb
Files:
34e7ea72c1a4761acf0b9e07427e79b7 1820 web optional otrs2_3.3.18-1+deb8u1.dsc
b3375dfa09a2ec3c4cebc7ad74d55e0b 21067692 web optional otrs2_3.3.18.orig.tar.bz2
d9167d7a71268499efc2156c0aae1976 39624 web optional otrs2_3.3.18-1+deb8u1.debian.tar.xz
1bf9e651053e7051edd02b0d22f71d11 5644062 web optional otrs2_3.3.18-1+deb8u1_all.deb
f651a25f2b125a31d21faa8f6a71d84e 188306 web optional otrs_3.3.18-1+deb8u1_all.deb
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEWKA9xYJCWk3IuQ4TEtmwSpDL2OQFAloAcc4ACgkQEtmwSpDL
2OQtjBAAjF8VtE9pzcZtx975IzSKL/eaffsP+EtGVjbn05CqqqNqAsN1Te/ZlbkD
cqXX/85bZAFCOBWy+Ni81znt0vedsVH+ndJ/j+qEE/uw6FP7jQWBLmAA2Fo3IiO3
rSUAHrR386jd7Hu8oqckKaoC667smenmb1O9we87+2szRhEKUQ6sX1KsiA2A+dyQ
460Q5CgeCwgLOgfOJl/ifG5WuhridrllofBClc054U2CZb/akD80zNoKsITJJ2wY
wzUoOIl7UrpuQ/JLcUPDtXoVgDQGf7Ded91TIC9TAjTphGsgAobDeZPXDMT1wTPL
Pdr/jvhr7va6L9AXYj6CEr/U/vXO0c5evVUa/xQnubj3zV8qE6voFfePblDD70XU
bPkt0CKM5VrEqP4z1nCioQ7At5cF8jw9xX75AW3ZjZf2k6EEG4F8VeN35wh44m5H
PD4bFvgISWXEPqqbJpYhKxpkyJweYxp1ynZWZhR36/gAM6gBMa9pptYSJKpwzJnT
iQ57ElYzeyvYUNbtVe6DG8Qcl17lkaZuy+eY4Fd9O8uh/B3LPrqu+5gA6SCdxB5q
xIRiLP63EK+mD0dpFhSF3vBLb2e+v14cMimBXvPKG7ucjQDEhjZx8m1r8NV3IV9k
Bg0G68HTCkrf1vngUsyWl1EvFgCiT2foSXH1eIoldfgg8SkOQvA=
=73wQ
-----END PGP SIGNATURE-----
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Sun, 17 Dec 2017 07:29:43 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Jun 19 19:03:12 2019;
Machine Name:
beach
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.
Vulmon