Your message dated Tue, 08 Sep 2009 19:57:03 +0000
with message-id <[email protected]>
and subject line Bug#540657: fixed in serveez 0.1.5-2.1+lenny1
has caused the Debian Bug report #540657,
regarding serveez: REMOTE BUFFER OVERFLOW
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
540657: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=540657
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Subject: serveez: REMOTE BUFFER OVERFLOW
Package: serveez
Version: 0.1.5-2.1
Severity: grave
Justification: user security hole
Tags: security
*** Please type your report below this line ***
I HAVE FOUND SERIOUS SATANIC SECURITY HOLE:
http://packetstormsecurity.nl/0908-exploits/serveez-overflow.txt
LVAC!
-- System Information:
Debian Release: 5.0.2
APT prefers stable
APT policy: (500, 'stable')
Architecture: i386 (i686)
Kernel: Linux 2.6.26-2-686 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages serveez depends on:
ii guile-1.6-libs 1.6.8-6.3 Main Guile libraries
ii libbz2-1.0 1.0.5-1 high-quality block-sorting file co
ii libc6 2.7-18 GNU C Library: Shared libraries
ii libguile-ltdl-1 1.6.8-6.3 Guile's patched version of libtool
ii libqthreads-12 1.6.8-6.3 QuickThreads library for Guile
ii libserveez-0.1.5 0.1.5-2.1 GNU Serveez server framework -- sh
ii zlib1g 1:1.2.3.3.dfsg-12 compression library - runtime
serveez recommends no packages.
serveez suggests no packages.
-- no debconf information
serveez.cfg
Description: Binary data
--- End Message ---
--- Begin Message ---
Source: serveez
Source-Version: 0.1.5-2.1+lenny1
We believe that the bug you reported is fixed in the latest version of
serveez, which is due to be installed in the Debian FTP archive:
libserveez-0.1.5_0.1.5-2.1+lenny1_amd64.deb
to pool/main/s/serveez/libserveez-0.1.5_0.1.5-2.1+lenny1_amd64.deb
libserveez-dev_0.1.5-2.1+lenny1_amd64.deb
to pool/main/s/serveez/libserveez-dev_0.1.5-2.1+lenny1_amd64.deb
serveez-doc_0.1.5-2.1+lenny1_all.deb
to pool/main/s/serveez/serveez-doc_0.1.5-2.1+lenny1_all.deb
serveez_0.1.5-2.1+lenny1.diff.gz
to pool/main/s/serveez/serveez_0.1.5-2.1+lenny1.diff.gz
serveez_0.1.5-2.1+lenny1.dsc
to pool/main/s/serveez/serveez_0.1.5-2.1+lenny1.dsc
serveez_0.1.5-2.1+lenny1_amd64.deb
to pool/main/s/serveez/serveez_0.1.5-2.1+lenny1_amd64.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Andreas Rottmann <[email protected]> (supplier of updated serveez package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Mon, 24 Aug 2009 14:09:52 +0200
Source: serveez
Binary: serveez serveez-doc libserveez-dev libserveez-0.1.5
Architecture: source all amd64
Version: 0.1.5-2.1+lenny1
Distribution: stable
Urgency: high
Maintainer: Andreas Rottmann <[email protected]>
Changed-By: Andreas Rottmann <[email protected]>
Description:
libserveez-0.1.5 - GNU Serveez server framework -- shared library
libserveez-dev - GNU Serveez server framework -- development files
serveez - GNU Serveez server framework -- server executable
serveez-doc - GNU Serveez server framework -- documentation
Closes: 540657
Changes:
serveez (0.1.5-2.1+lenny1) stable; urgency=high
.
* Applied patch to fix HTTP remote buffer overflow (closes: #540657).
Checksums-Sha1:
9424b419483ac0eea77e746b352dd31553dffbe8 1093 serveez_0.1.5-2.1+lenny1.dsc
2883ec0f85c3cd07badc051115d67c06760f2ccc 3117 serveez_0.1.5-2.1+lenny1.diff.gz
c465702d133b7f4bbf36e72f0ef2d7da4d046ead 214452
serveez-doc_0.1.5-2.1+lenny1_all.deb
09f833b18e04774f060bd5d06cedface2dde50fb 145222
serveez_0.1.5-2.1+lenny1_amd64.deb
10f038a084572858f3ab0de6cb3dea7607fcd6a5 130308
libserveez-dev_0.1.5-2.1+lenny1_amd64.deb
cc5fc7cd39e60119a5a74ca2e7e8869e984c7061 90850
libserveez-0.1.5_0.1.5-2.1+lenny1_amd64.deb
Checksums-Sha256:
3ba40a77849c3456d71e781a1080b5c4fe70a0bfe18e091622fd8489f2c74537 1093
serveez_0.1.5-2.1+lenny1.dsc
3178e89abe94fd56379d71de5078c0aee80baeb7aaaf5ac8abfe1719c1fd16c8 3117
serveez_0.1.5-2.1+lenny1.diff.gz
7297ab0fb3efe011a2888399998cab69dfcbbc86720a260562115580f0123057 214452
serveez-doc_0.1.5-2.1+lenny1_all.deb
414f589f352cfee0cd413b409b93387145d74563efdd5cb6a5cece3a439b3307 145222
serveez_0.1.5-2.1+lenny1_amd64.deb
a69f36d921d56e77aa18a0c50005f6e497c49a09fcd94099a38522cad488c7f3 130308
libserveez-dev_0.1.5-2.1+lenny1_amd64.deb
2d96e701d5dea3f908406063ba9c79097a3660023ae53b12e6a3d784f0ddfaa5 90850
libserveez-0.1.5_0.1.5-2.1+lenny1_amd64.deb
Files:
207fa7d2864d1960f144f719ed8a7e8f 1093 devel optional
serveez_0.1.5-2.1+lenny1.dsc
6f000db1e14c8bc33c85637ae8e43752 3117 devel optional
serveez_0.1.5-2.1+lenny1.diff.gz
c166d1dfdf8d6a5bbc3f89709e39f12f 214452 doc optional
serveez-doc_0.1.5-2.1+lenny1_all.deb
078f794393d3c2bfbfc544c79dcf03b5 145222 net optional
serveez_0.1.5-2.1+lenny1_amd64.deb
693d7c51876e99ebac3a8747f32afc2f 130308 devel optional
libserveez-dev_0.1.5-2.1+lenny1_amd64.deb
bb8d1dc1066af3bc5e0319eccb07a88f 90850 libs optional
libserveez-0.1.5_0.1.5-2.1+lenny1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAkqlCsgACgkQIsgn9zWpkudnswCeIR7eaIB2f+9PqjmY4gOGFgSE
XeQAoKI7spBCUtlqTODdDZVH6KMJuKn9
=35NQ
-----END PGP SIGNATURE-----
--- End Message ---
