CVE-2010-3609

Debian Bug report logs - #623551
CVE-2010-3609

Toggle useless messages

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Moritz Muehlenhoff <muehlenhoff@univention.de>

To: Debian Bug Tracking System <submit@bugs.debian.org>

Subject: CVE-2010-3609

Date: Thu, 21 Apr 2011 08:14:44 +0200

Package: openslp-dfsg
Severity: grave
Tags: security

Please see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3609

Patch: http://openslp.svn.sourceforge.net/viewvc/openslp?view=revision&revision=1647

Cheers,
        Moritz

-- System Information:
Debian Release: 5.0.1
Architecture: amd64 (x86_64)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.32-ucs37-amd64
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)

Message #10 received at 623551@bugs.debian.org (full text, mbox, reply):

From: Arne Wichmann <aw@anhrefn.saar.de>

To: 623551@bugs.debian.org

Subject: Ping

Date: Fri, 5 Aug 2011 13:33:57 +0200

[Message part 1 (text/plain, inline)]

Hi,

this grave bug is now open for more than 3 months - is there a plan for an
update?

cu

AW
-- 
[...] If you don't want to be restricted, don't agree to it. If you are
coerced, comply as much as you must to protect yourself, just don't support
it. Noone can free you but yourself. (crag, on Debian Planet)
Arne Wichmann (aw@linux.de)

[signature.asc (application/pgp-signature, inline)]

Message #15 received at 623551-close@bugs.debian.org (full text, mbox, reply):

From: Moritz Muehlenhoff <jmm@debian.org>

To: 623551-close@bugs.debian.org

Subject: Bug#623551: fixed in openslp-dfsg 1.2.1-8

Date: Mon, 19 Dec 2011 22:34:51 +0000

Source: openslp-dfsg
Source-Version: 1.2.1-8

We believe that the bug you reported is fixed in the latest version of
openslp-dfsg, which is due to be installed in the Debian FTP archive:

libslp-dev_1.2.1-8_amd64.deb
  to main/o/openslp-dfsg/libslp-dev_1.2.1-8_amd64.deb
libslp1_1.2.1-8_amd64.deb
  to main/o/openslp-dfsg/libslp1_1.2.1-8_amd64.deb
openslp-dfsg_1.2.1-8.diff.gz
  to main/o/openslp-dfsg/openslp-dfsg_1.2.1-8.diff.gz
openslp-dfsg_1.2.1-8.dsc
  to main/o/openslp-dfsg/openslp-dfsg_1.2.1-8.dsc
openslp-doc_1.2.1-8_all.deb
  to main/o/openslp-dfsg/openslp-doc_1.2.1-8_all.deb
slpd_1.2.1-8_amd64.deb
  to main/o/openslp-dfsg/slpd_1.2.1-8_amd64.deb
slptool_1.2.1-8_amd64.deb
  to main/o/openslp-dfsg/slptool_1.2.1-8_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 623551@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Moritz Muehlenhoff <jmm@debian.org> (supplier of updated openslp-dfsg package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Mon, 19 Dec 2011 19:09:53 +0100
Source: openslp-dfsg
Binary: slpd openslp-doc libslp1 slptool libslp-dev
Architecture: source all amd64
Version: 1.2.1-8
Distribution: unstable
Urgency: low
Maintainer: Debian QA Group <packages@qa.debian.org>
Changed-By: Moritz Muehlenhoff <jmm@debian.org>
Description: 
 libslp-dev - OpenSLP development libraries
 libslp1    - OpenSLP libraries
 openslp-doc - OpenSLP documentation
 slpd       - OpenSLP Server (slpd)
 slptool    - SLP command line tool
Closes: 621030 623551
Changes: 
 openslp-dfsg (1.2.1-8) unstable; urgency=low
 .
   * Orphan the package, setting maintainer to Debian QA group
   * Fix CVE-2010-3609 (Closes: #623551, Closes: #621030)
Checksums-Sha1: 
 0e49ace2fc4c539cda0eab31e46fdf2f387be7cd 1286 openslp-dfsg_1.2.1-8.dsc
 78be8c074b1d9c3ff01532d3505c0d97ef7c2029 511520 openslp-dfsg_1.2.1-8.diff.gz
 dbee36487cec18718d945d037b56554075ba3207 93362 openslp-doc_1.2.1-8_all.deb
 6506d909b71113ab5ab8d71786546c5942447cab 73364 slpd_1.2.1-8_amd64.deb
 39f0ba56c0ea5da0c217653186f8d077702f66de 57394 libslp1_1.2.1-8_amd64.deb
 45a7b3de46b6a83437f668615d14e760db5317ee 22598 slptool_1.2.1-8_amd64.deb
 e7cb45eb1b9955585951a101c193cad946d23da0 32892 libslp-dev_1.2.1-8_amd64.deb
Checksums-Sha256: 
 bd0ed9cd54b1915078f5e1fb5ec3f5b0998eb91c371f5912e8edbd0acec8b7e3 1286 openslp-dfsg_1.2.1-8.dsc
 01f585d763056d8666759a6d2fdac097ab34b6729e8c727ca13ab5b506764bf9 511520 openslp-dfsg_1.2.1-8.diff.gz
 2f34f14ff852a1b8f5f49876e80dd536926f36f230a1b1a0271669500958097d 93362 openslp-doc_1.2.1-8_all.deb
 ee299d2d990f484c5a8196e9cbb08f2de72b2c29d95929ceb5b345c1b607971a 73364 slpd_1.2.1-8_amd64.deb
 5ebb8fd2743ec97a30901ed05a188c598bba69fe991c98437ed2647e18baebc6 57394 libslp1_1.2.1-8_amd64.deb
 11c17bd39777adb48e676e2878e6a640c28617aac59666fb1685d1190173f3f0 22598 slptool_1.2.1-8_amd64.deb
 53cdfd935688dceef484d5e665164e10b3fbdfec3ca02ace46181a00fe7c033f 32892 libslp-dev_1.2.1-8_amd64.deb
Files: 
 9c7c7604d38f8cb121fb5203877fa0e0 1286 net extra openslp-dfsg_1.2.1-8.dsc
 4da087dfbadcae6b1b82d9f47d5f1b7f 511520 net extra openslp-dfsg_1.2.1-8.diff.gz
 2a102e437c26fb580ab064aac633a662 93362 doc extra openslp-doc_1.2.1-8_all.deb
 a0779c977c46f01cb114a84e06f5b1ed 73364 net extra slpd_1.2.1-8_amd64.deb
 b782d69ab1cf1472ebd0643d6e4f6f67 57394 libs optional libslp1_1.2.1-8_amd64.deb
 ef94b644ed956903344dc48c3ee46a0e 22598 utils extra slptool_1.2.1-8_amd64.deb
 9af931b39371ccfcdcd4bc9aec2c2af5 32892 libdevel extra libslp-dev_1.2.1-8_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iEYEARECAAYFAk7vf8YACgkQXm3vHE4uylo7cACgjyhGwNl1YeA+BumZMI9Pk8bf
WmcAoIqafFJSUJQbtr6e3x9asnW8gc+b
=1vF7
-----END PGP SIGNATURE-----

Send a report that this bug log contains spam.