Your message dated Mon, 21 Nov 2005 15:32:06 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#338436: fixed in sylpheed-claws 1.0.5-2
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 10 Nov 2005 09:17:31 +0000
>From [EMAIL PROTECTED] Thu Nov 10 01:17:31 2005
Return-path: <[EMAIL PROTECTED]>
Received: from inutil.org ([193.22.164.111]
helo=vserver151.vserver151.serverflex.de)
by spohr.debian.org with esmtp (Exim 4.50)
id 1Ea8Yl-0002v6-Gv
for [EMAIL PROTECTED]; Thu, 10 Nov 2005 01:17:31 -0800
Received: from wlan-client-280.informatik.uni-bremen.de ([134.102.117.30]
helo=localhost.localdomain)
by vserver151.vserver151.serverflex.de with esmtpsa
(TLS-1.0:RSA_AES_256_CBC_SHA:32)
(Exim 4.50)
id 1Ea8Yk-000191-Gt
for [EMAIL PROTECTED]; Thu, 10 Nov 2005 10:17:30 +0100
Received: from jmm by localhost.localdomain with local (Exim 4.54)
id 1Ea8Yl-0001vc-QR; Thu, 10 Nov 2005 10:17:31 +0100
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Moritz Muehlenhoff <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: sylpheed-claws: Buffer overflow in LDIF/pine/mutt import
X-Mailer: reportbug 3.17
Date: Thu, 10 Nov 2005 10:17:31 +0100
X-Debbugs-Cc: Debian Security Team <[EMAIL PROTECTED]>
Message-Id: <[EMAIL PROTECTED]>
X-SA-Exim-Connect-IP: 134.102.117.30
X-SA-Exim-Mail-From: [EMAIL PROTECTED]
X-SA-Exim-Scanned: No (on vserver151.vserver151.serverflex.de); SAEximRunCond
expanded to false
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-11.0 required=4.0 tests=BAYES_00,HAS_PACKAGE,
X_DEBBUGS_CC autolearn=ham version=2.60-bugs.debian.org_2005_01_02
Package: sylpheed-claws
Severity: grave
Tags: security
Justification: user security hole
Buffer overflows have been found in Sylpheed-Claws's LDID/pine/mutt
address book import features. Quoting from the 1.9.100 release
announcement:
* Buffer overflows in the address book 'Import LDIF/Mutt/Pine file'
functions were fixed. This was a security hole. It only affected
these address book import functions, but we recommend that everyone
upgrade.
Cheers,
Moritz
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.14-1-686
Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15)
---------------------------------------
Received: (at 338436-close) by bugs.debian.org; 21 Nov 2005 23:32:29 +0000
>From [EMAIL PROTECTED] Mon Nov 21 15:32:29 2005
Return-path: <[EMAIL PROTECTED]>
Received: from katie by spohr.debian.org with local (Exim 4.50)
id 1EeL8o-0003S4-Pn; Mon, 21 Nov 2005 15:32:06 -0800
From: Ricardo Mones <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.56 $
Subject: Bug#338436: fixed in sylpheed-claws 1.0.5-2
Message-Id: <[EMAIL PROTECTED]>
Sender: Archive Administrator <[EMAIL PROTECTED]>
Date: Mon, 21 Nov 2005 15:32:06 -0800
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-CrossAssassin-Score: 2
Source: sylpheed-claws
Source-Version: 1.0.5-2
We believe that the bug you reported is fixed in the latest version of
sylpheed-claws, which is due to be installed in the Debian FTP archive:
libsylpheed-claws-dev_1.0.5-2_i386.deb
to pool/main/s/sylpheed-claws/libsylpheed-claws-dev_1.0.5-2_i386.deb
sylpheed-claws-clamav_1.0.5-2_i386.deb
to pool/main/s/sylpheed-claws/sylpheed-claws-clamav_1.0.5-2_i386.deb
sylpheed-claws-dillo-viewer_1.0.5-2_i386.deb
to pool/main/s/sylpheed-claws/sylpheed-claws-dillo-viewer_1.0.5-2_i386.deb
sylpheed-claws-i18n_1.0.5-2_all.deb
to pool/main/s/sylpheed-claws/sylpheed-claws-i18n_1.0.5-2_all.deb
sylpheed-claws-image-viewer_1.0.5-2_i386.deb
to pool/main/s/sylpheed-claws/sylpheed-claws-image-viewer_1.0.5-2_i386.deb
sylpheed-claws-pgpmime_1.0.5-2_i386.deb
to pool/main/s/sylpheed-claws/sylpheed-claws-pgpmime_1.0.5-2_i386.deb
sylpheed-claws-plugins_1.0.5-2_all.deb
to pool/main/s/sylpheed-claws/sylpheed-claws-plugins_1.0.5-2_all.deb
sylpheed-claws-scripts_1.0.5-2_all.deb
to pool/main/s/sylpheed-claws/sylpheed-claws-scripts_1.0.5-2_all.deb
sylpheed-claws-spamassassin_1.0.5-2_i386.deb
to pool/main/s/sylpheed-claws/sylpheed-claws-spamassassin_1.0.5-2_i386.deb
sylpheed-claws-trayicon_1.0.5-2_i386.deb
to pool/main/s/sylpheed-claws/sylpheed-claws-trayicon_1.0.5-2_i386.deb
sylpheed-claws_1.0.5-2.diff.gz
to pool/main/s/sylpheed-claws/sylpheed-claws_1.0.5-2.diff.gz
sylpheed-claws_1.0.5-2.dsc
to pool/main/s/sylpheed-claws/sylpheed-claws_1.0.5-2.dsc
sylpheed-claws_1.0.5-2_i386.deb
to pool/main/s/sylpheed-claws/sylpheed-claws_1.0.5-2_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Ricardo Mones <[EMAIL PROTECTED]> (supplier of updated sylpheed-claws package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Mon, 21 Nov 2005 00:37:51 +0100
Source: sylpheed-claws
Binary: sylpheed-claws sylpheed-claws-trayicon sylpheed-claws-pgpmime
sylpheed-claws-scripts libsylpheed-claws-dev sylpheed-claws-clamav
sylpheed-claws-dillo-viewer sylpheed-claws-plugins sylpheed-claws-i18n
sylpheed-claws-spamassassin sylpheed-claws-image-viewer
Architecture: source i386 all
Version: 1.0.5-2
Distribution: unstable
Urgency: high
Maintainer: Ricardo Mones <[EMAIL PROTECTED]>
Changed-By: Ricardo Mones <[EMAIL PROTECTED]>
Description:
libsylpheed-claws-dev - Development files to build plugins for Sylpheed-Claws
sylpheed-claws - Extended version of the Sylpheed mail client
sylpheed-claws-clamav - Clam AntiVirus plugin for Sylpheed Claws
sylpheed-claws-dillo-viewer - HTML viewer plugin for Sylpheed Claws using Dillo
sylpheed-claws-i18n - Locale data for Sylpheed Claws (i18n support)
sylpheed-claws-image-viewer - Image viewer plugin for Sylpheed Claws
sylpheed-claws-pgpmime - PGP/MIME plugin for Sylpheed Claws
sylpheed-claws-plugins - Various plugins for the Sylpheed Claws mail client
sylpheed-claws-scripts - Helper scripts for Sylpheed and Sylpheed Claws
sylpheed-claws-spamassassin - SpamAssassin plugin for Sylpheed Claws
sylpheed-claws-trayicon - Notification area plugin for Sylpheed Claws
Closes: 338436 340027
Changes:
sylpheed-claws (1.0.5-2) unstable; urgency=high
.
* Security upload (Closes: #338436)
- Fixes CVE-2005-3354: Arbitrary code execution in Sylpheed
Patch thanks Martin Schulze <[EMAIL PROTECTED]>
* debian/control
- Built with libreadline5-dev.
- Removed circular dependency with i18n (Closes: #340027)
Files:
528151ae8822a51664aa63acb4bf608f 1270 mail optional sylpheed-claws_1.0.5-2.dsc
449b1564c4e4ee0f938d85d371161430 29129 mail optional
sylpheed-claws_1.0.5-2.diff.gz
9041d0e0c2b144576441d61b68ccc4b9 108526 mail optional
sylpheed-claws-plugins_1.0.5-2_all.deb
db069db52ff3ed35d6ea036be982c422 167326 mail optional
sylpheed-claws-scripts_1.0.5-2_all.deb
96fc4bc8fb9ece569feb79f34e6c0f10 1188586 mail optional
sylpheed-claws-i18n_1.0.5-2_all.deb
fd14960e2ac20058ecfc26acd3ff33f0 916278 mail optional
sylpheed-claws_1.0.5-2_i386.deb
e9651190a88240d59131662f90a26f69 197484 devel optional
libsylpheed-claws-dev_1.0.5-2_i386.deb
3ea504ab11cd10860b9b9f938926fd1e 118030 mail optional
sylpheed-claws-clamav_1.0.5-2_i386.deb
4551ae6df25be2fa6381e75c3a7a05d6 115052 mail optional
sylpheed-claws-dillo-viewer_1.0.5-2_i386.deb
b0ae92e907960cae5157cfe8577a3711 115704 mail optional
sylpheed-claws-image-viewer_1.0.5-2_i386.deb
8ee5c9d638fb4a9db86a2a8fb89133af 126582 mail optional
sylpheed-claws-spamassassin_1.0.5-2_i386.deb
53047b7300f62736bb163cc82972bab5 121646 mail optional
sylpheed-claws-trayicon_1.0.5-2_i386.deb
7b82913171ca500664b5064691de9e12 129368 mail optional
sylpheed-claws-pgpmime_1.0.5-2_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFDglZbt1anjIgqbEsRAiUGAJ9N5Ceg+/1zoj5P/jbmRXxQAqgQ2wCeNlQv
qAO6O3YQuj6rfm0xlpJQXC4=
=YDfA
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
