Your message dated Sun, 01 Jun 2008 13:47:06 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#483562: fixed in pan 0.132-3.1
has caused the Debian Bug report #483562,
regarding CVE-2008-2363 Assertion fails when starting PAN
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)
--
483562: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=483562
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
--- Begin Message ---
Package: pan
Version: .132
Severity: grave
Redhat has a bug for a possible buffer overflow that could result in remote
code execution:
https://bugzilla.redhat.com/show_bug.cgi?id=446902
The proposed patch is at:
https://bugzilla.redhat.com/attachment.cgi?id=306880
--- End Message ---
--- Begin Message ---
Source: pan
Source-Version: 0.132-3.1
We believe that the bug you reported is fixed in the latest version of
pan, which is due to be installed in the Debian FTP archive:
pan_0.132-3.1.diff.gz
to pool/main/p/pan/pan_0.132-3.1.diff.gz
pan_0.132-3.1.dsc
to pool/main/p/pan/pan_0.132-3.1.dsc
pan_0.132-3.1_i386.deb
to pool/main/p/pan/pan_0.132-3.1_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Steffen Joeris <[EMAIL PROTECTED]> (supplier of updated pan package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sun, 01 Jun 2008 11:55:25 +0000
Source: pan
Binary: pan
Architecture: source i386
Version: 0.132-3.1
Distribution: unstable
Urgency: high
Maintainer: Mario Iseli <[EMAIL PROTECTED]>
Changed-By: Steffen Joeris <[EMAIL PROTECTED]>
Description:
pan - A Newsreader based on GTK2, which looks like Forte Agent
Closes: 483562
Changes:
pan (0.132-3.1) unstable; urgency=high
.
* Non-maintainer upload by the security team
* Fix possible buffer overflow by clearing parts from PartsBatch
class (Closes: #483562)
Fixes: CVE-2008-2363
Checksums-Sha1:
51ab2ed24923d077881b9166d21187b1144fbe0e 1147 pan_0.132-3.1.dsc
b635269f518547e795c0b9f9f83fe1301fcbb0b8 20449 pan_0.132-3.1.diff.gz
e862db3abde8fd330582623b621f75053b1d40a5 1057268 pan_0.132-3.1_i386.deb
Checksums-Sha256:
0ac1bbe68d81359de9eb8938444ed81aa5b4ca34a0e4f825ddd332be3aa2039b 1147
pan_0.132-3.1.dsc
98410deba5def3a6a3762331c62d4b2ab138fc974aae23a4b45884e08dd0344e 20449
pan_0.132-3.1.diff.gz
12854d55dc90ed6340d8e4c490daf88ba790f8fdf28be70c3df4bbb1fb2215e9 1057268
pan_0.132-3.1_i386.deb
Files:
0d98d07359c54363b15f16e893efbb57 1147 news optional pan_0.132-3.1.dsc
fcab19b095b2b1d792953f1bdbff74f6 20449 news optional pan_0.132-3.1.diff.gz
ad43cba16caa5b1366f6d9126fe1a9e9 1057268 news optional pan_0.132-3.1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFIQqOw62zWxYk/rQcRApDgAKC1oEMNEgKW/Mr0u77i9zIjeK1S+gCgw389
/9nXsGcMsxidRDiqPx2mNBU=
=yDkm
-----END PGP SIGNATURE-----
--- End Message ---
