Debian Bug report logs -
#732594
pywbem: Two security issues
Reported by: Moritz Muehlenhoff <jmm@inutil.org>
Date: Thu, 19 Dec 2013 07:03:01 UTC
Severity: grave
Tags: security
Fixed in version pywbem/0.8.0~dev650-1
Done: Bernd Zeimetz <bzed@debian.org>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian Python Modules Team <python-modules-team@lists.alioth.debian.org>:
Bug#732594; Package pywbem.
(Thu, 19 Dec 2013 07:03:06 GMT) (full text, mbox, link).
Acknowledgement sent
to Moritz Muehlenhoff <jmm@inutil.org>:
New Bug report received and forwarded. Copy sent to team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian Python Modules Team <python-modules-team@lists.alioth.debian.org>.
(Thu, 19 Dec 2013 07:03:06 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Package: pywbem
Severity: grave
Tags: security
Justification: user security hole
Please see:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-6418
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-6444
Cheers,
Moritz
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian Python Modules Team <python-modules-team@lists.alioth.debian.org>:
Bug#732594; Package pywbem.
(Fri, 17 Jan 2014 05:30:09 GMT) (full text, mbox, link).
Acknowledgement sent
to Salvatore Bonaccorso <carnil@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian Python Modules Team <python-modules-team@lists.alioth.debian.org>.
(Fri, 17 Jan 2014 05:30:09 GMT) (full text, mbox, link).
Message #10 received at 732594@bugs.debian.org (full text, mbox, reply):
Hi,
On Thu, Dec 19, 2013 at 07:51:00AM +0100, Moritz Muehlenhoff wrote:
> Package: pywbem
> Severity: grave
> Tags: security
> Justification: user security hole
>
> Please see:
> https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-6418
> https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-6444
There is now a patch for both issues:
https://bugzilla.redhat.com/attachment.cgi?id=851357
Regards,
Salvatore
Added tag(s) pending.
Request was from bzed@users.alioth.debian.org
to control@bugs.debian.org.
(Sat, 04 Oct 2014 09:09:04 GMT) (full text, mbox, link).
Reply sent
to Bernd Zeimetz <bzed@debian.org>:
You have taken responsibility.
(Sat, 04 Oct 2014 13:51:26 GMT) (full text, mbox, link).
Notification sent
to Moritz Muehlenhoff <jmm@inutil.org>:
Bug acknowledged by developer.
(Sat, 04 Oct 2014 13:51:26 GMT) (full text, mbox, link).
Message #17 received at 732594-close@bugs.debian.org (full text, mbox, reply):
Source: pywbem
Source-Version: 0.8.0~dev650-1
We believe that the bug you reported is fixed in the latest version of
pywbem, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 732594@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Bernd Zeimetz <bzed@debian.org> (supplier of updated pywbem package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sat, 04 Oct 2014 11:04:58 +0200
Source: pywbem
Binary: python-pywbem
Architecture: source all
Version: 0.8.0~dev650-1
Distribution: unstable
Urgency: low
Maintainer: Debian Python Modules Team <python-modules-team@lists.alioth.debian.org>
Changed-By: Bernd Zeimetz <bzed@debian.org>
Description:
python-pywbem - Python WBEM Client and Provider Interface
Closes: 627864 679607 732594
Changes:
pywbem (0.8.0~dev650-1) unstable; urgency=low
.
[ Bernd Zeimetz ]
* Lower Python-all dependency for backports. We don't
need python.mk to build.
* Rename wbemcli to wbemcli.py (Closes: #679607)
* Take upstream code from svn
- Fixes security issues (Closes: #732594)
- Ship mof_compiler (Closes: #627864)
* add python-twisted, python-m2crypto and python-epydoc
as dependencies
* Use dh --with python2
* remove dpatch
* Bump Standards-Version
* Remove python-support
* Bump compat level to 8
* Install manpage properly
.
[ Jakub Wilk ]
* Use canonical URIs for Vcs-* fields.
Checksums-Sha1:
dca559cf17d2d724ef3fba5cd5fdb3f4c4090740 2081 pywbem_0.8.0~dev650-1.dsc
be557691a7fe3d89ab36f3d2049b16711c922a45 154703 pywbem_0.8.0~dev650.orig.tar.gz
e6cffff8720dbba47c82cc795a43354984438c90 5385 pywbem_0.8.0~dev650-1.diff.gz
092f5b3c17d10638c523d1bd96bb3ff3545efb8f 118654 python-pywbem_0.8.0~dev650-1_all.deb
Checksums-Sha256:
6bf68226ff3b165b69cd8959d3872faf016cd9e43f4e3228411f3e54b65312f4 2081 pywbem_0.8.0~dev650-1.dsc
300a8ad26c6e1ab0a5a4dc930a3a653a5d00abcdd033cd39143fffd15a9992e4 154703 pywbem_0.8.0~dev650.orig.tar.gz
1aa829472f26c90ea1bd436b70651f53823a6f2f33de408ec6028b2d6a7dcf9e 5385 pywbem_0.8.0~dev650-1.diff.gz
2868f0034c6f4188d46188b41a66280af77826589876b688b779e4c4ff8dae8a 118654 python-pywbem_0.8.0~dev650-1_all.deb
Files:
73a2d0f0f6fb714ca4aef7821585824b 118654 python extra python-pywbem_0.8.0~dev650-1_all.deb
11db0900be49d208d5e44482386879b0 2081 python extra pywbem_0.8.0~dev650-1.dsc
a18fc75324b2a01b9a183a499234b39e 154703 python extra pywbem_0.8.0~dev650.orig.tar.gz
abc02a2f3b586a1f47b572ab006bcf97 5385 python extra pywbem_0.8.0~dev650-1.diff.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCAAGBQJUL/iZAAoJEOs2Fxpv+UNfjGcP+wRJn1a7iqk2jBS0ev+V4hCO
5L6yhkeWhg4Tf4OQRDheoSJ+oa0d/CQt/zp3ERiiiZsZz2aufu2ioablzMS+IicI
V7CQWIAHTrjT3t3pjc7OGdGLaQYzR+TfWnC9i78ceJhJu9uBkLG2VmzB/kdN2qct
t2j5X6xnFDLl9ySYynZjzSv/6QRrgI0cYyQnR+AyN0UA8mAMn6ZjFzynDOcQg3Ro
EWZlw5RLl7Kym8V8B0TVDYsHpM+KwSzQgfW4rXGS0NJ6pCWWm5XNl7jffziI3BlV
ZFAInpfcUpB+C57DQ/li3n1clTqjHiMg/O8E+P2GeqlSTDpX0bi4NuHyFaJuC3hv
hKCYGRckXJCor6R2dPj7ZiqsExRQLfrTpUeXAbR4lBPdEEwwV3SzYpXGHqbHtcF/
ehsV8b9Kv0A9y4VT9e9LYs2FC31bn2pv6TxQPINnot2gjE/51z65La+xt1VuUMzP
UzXFIv4o1M464UJKsOoD5IPde7TJJNF+sNtK3gmw2c6WRhBrCzaHCyDSXeQfhwH3
UmrisknYAtgbJSFYGbEVenNTKXcf+L72g25umZsnDsw7tiuGfJeVH6h/0uVOPc4B
ZiTtJrVUuJzNyQQQ89zMq8Tcb9oTSX2v3XR9jgkibBicRsZ24m4PRETb3WynNJKO
WuG1oeDHOo0u202iCSUr
=dzux
-----END PGP SIGNATURE-----
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Sun, 24 May 2015 08:09:46 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Jun 19 15:25:46 2019;
Machine Name:
beach
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.
Vulmon