Your message dated Thu, 21 Apr 2011 01:55:13 +0000
with message-id <e1qcj6v-0000vj...@franck.debian.org>
and subject line Bug#622674: fixed in doctrine 1.2.2-2+squeeze1
has caused the Debian Bug report #622674,
regarding CVE-2011-1522: SQL injection
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
622674: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=622674
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: doctrine
Severity: grave
Tags: security
Please see http://www.doctrine-project.org/blog/doctrine-security-fix
This has been assigned CVE-2011-1522.
Cheers,
Moritz
-- System Information:
Debian Release: wheezy/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.38-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
--- End Message ---
--- Begin Message ---
Source: doctrine
Source-Version: 1.2.2-2+squeeze1
We believe that the bug you reported is fixed in the latest version of
doctrine, which is due to be installed in the Debian FTP archive:
doctrine_1.2.2-2+squeeze1.debian.tar.gz
to main/d/doctrine/doctrine_1.2.2-2+squeeze1.debian.tar.gz
doctrine_1.2.2-2+squeeze1.dsc
to main/d/doctrine/doctrine_1.2.2-2+squeeze1.dsc
doctrine_1.2.2-2+squeeze1_all.deb
to main/d/doctrine/doctrine_1.2.2-2+squeeze1_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 622...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Federico Gimenez Nieto <fgime...@coit.es> (supplier of updated doctrine package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Tue, 19 Apr 2011 18:06:50 +0200
Source: doctrine
Binary: doctrine
Architecture: source all
Version: 1.2.2-2+squeeze1
Distribution: stable-security
Urgency: high
Maintainer: Debian Symfony Maintainers
<pkg-symfony-ma...@lists.alioth.debian.org>
Changed-By: Federico Gimenez Nieto <fgime...@coit.es>
Description:
doctrine - Tool for object-relational mapping in PHP
Closes: 622674
Changes:
doctrine (1.2.2-2+squeeze1) stable-security; urgency=high
.
* Applied fixes from 1.2.4 upstream version due to CVE 2011-1522
(closes: #622674)
Checksums-Sha1:
ce2f2be94ee59ef9452b27195c900cf93ac8bef3 1583 doctrine_1.2.2-2+squeeze1.dsc
b5099a77163e18579f52b34ff55423c58ddc29ea 663317 doctrine_1.2.2.orig.tar.gz
e5771b09278ff018baf6b8f2f09740f71d1bbc2b 4880
doctrine_1.2.2-2+squeeze1.debian.tar.gz
fb74ad2f74f32a8ec5af57e5e87f9a7a9b3bdcf3 389686
doctrine_1.2.2-2+squeeze1_all.deb
Checksums-Sha256:
31f82051eab40e64ed7b14e1332c88482aae2ab1b59c83b612f70b6e016643ac 1583
doctrine_1.2.2-2+squeeze1.dsc
cc89493bd3c8fea694286972bd49d0146f72275eb51f7e98e920502f128579b8 663317
doctrine_1.2.2.orig.tar.gz
f470c5fb0649facdc1e056885b937b3e497237fa0fed2f36beda046a21368ca4 4880
doctrine_1.2.2-2+squeeze1.debian.tar.gz
30aecbcc7fde8e8c9a6600da4f598809ab2ac9e77e14031437689efa6b156e49 389686
doctrine_1.2.2-2+squeeze1_all.deb
Files:
735a8be329287a29cccc104209d74146 1583 php optional
doctrine_1.2.2-2+squeeze1.dsc
a82734fad4476da2d42def97c5e7c898 663317 php optional doctrine_1.2.2.orig.tar.gz
55bc8dcaa70165d3612ce4aefb20053b 4880 php optional
doctrine_1.2.2-2+squeeze1.debian.tar.gz
0c7e8cf6b573dff875ff35a16719c9a3 389686 php optional
doctrine_1.2.2-2+squeeze1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iQEcBAEBAgAGBQJNryXEAAoJEL97/wQC1SS+48YIAJD/R5i/idmgeMSCLYGT0ref
4iLyrs1yreDVVQOAA0/j/jDtmA4y2z78Rdd/r0Rl6PCxO53pxO55XSYVE1vQmK8e
GPZnc/LYoEcoPdGAG/nQB5CFGGZoeFj3hBZbOvwOwc/A3/Ea+86AslUGVDAIDgzQ
uGiqFskO9ETRnjCZC1oIL+pwp9Vsx/9eUWqiY4V4lF3RimiTPnuUTT5XCmebBZm6
+pNT21CzM2+1EjweSy3/hR1vVc8n22VNNGlpGNp0ftnj26uv5Q8lo6L8p2lZ6FO4
JL4rSnLHn3agDGRaZMDm1umpqpZwkIh3zd84Hjz69s7GexQYgEkHKwt1fsI9smY=
=RyG5
-----END PGP SIGNATURE-----
--- End Message ---