Your message dated Tue, 18 Jun 2019 21:51:05 +0000 with message-id <e1hdm0p-000bbz...@fasolo.debian.org> and subject line Bug#929283: fixed in zookeeper 3.4.9-3+deb9u2 has caused the Debian Bug report #929283, regarding zookeeper: CVE-2019-0201: information disclosure vulnerability to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 929283: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929283 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: zookeeper Version: 3.4.13-1 Severity: grave Tags: security upstream Justification: user security hole Forwarded: https://issues.apache.org/jira/browse/ZOOKEEPER-1392 Control: found -1 3.4.9-3+deb9u1 Control: found -1 3.4.9-1 Hi, The following vulnerability was published for zookeeper. CVE-2019-0201[0]: Information disclosure vulnerability If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2019-0201 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0201 [1] https://issues.apache.org/jira/browse/ZOOKEEPER-1392 [2] https://www.openwall.com/lists/oss-security/2019/05/20/1 Regards, Salvatore
--- End Message ---
--- Begin Message ---Source: zookeeper Source-Version: 3.4.9-3+deb9u2 We believe that the bug you reported is fixed in the latest version of zookeeper, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 929...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Chris Lamb <la...@debian.org> (supplier of updated zookeeper package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Fri, 24 May 2019 08:57:53 +0100 Source: zookeeper Binary: libzookeeper-java zookeeper zookeeperd libzookeeper-java-doc libzookeeper-mt2 libzookeeper-st2 libzookeeper2 libzookeeper-mt-dev libzookeeper-st-dev zookeeper-bin python-zookeeper Architecture: source all amd64 Version: 3.4.9-3+deb9u2 Distribution: stretch-security Urgency: high Maintainer: Debian Java Maintainers <pkg-java-maintain...@lists.alioth.debian.org> Changed-By: Chris Lamb <la...@debian.org> Description: libzookeeper-java - Core Java libraries for zookeeper libzookeeper-java-doc - API Documentation for zookeeper libzookeeper-mt-dev - Development files for multi threaded zookeeper C bindings libzookeeper-mt2 - Multi threaded C bindings for zookeeper libzookeeper-st-dev - Development files for single threaded zookeeper C bindings libzookeeper-st2 - Single threaded C bindings for zookeeper libzookeeper2 - C bindings for zookeeper - transitional package python-zookeeper - Python bindings for zookeeper zookeeper - High-performance coordination service for distributed application zookeeper-bin - Command line utilities for zookeeper zookeeperd - Init control scripts for zookeeper Closes: 929283 Changes: zookeeper (3.4.9-3+deb9u2) stretch-security; urgency=high . * CVE-2019-0201: Prevent an information disclosure vulnerability where users who were not authorised to read data were able to view the access control list. (Closes: #929283) Checksums-Sha1: fd422563f8da1d774762931103c97e8515da3b3b 3021 zookeeper_3.4.9-3+deb9u2.dsc a0a6168dcd380c5586c8dcfa144668f7a1a21c6d 1931392 zookeeper_3.4.9.orig.tar.xz 96790de23fd6781d297276ded726d95efa1185ff 87508 zookeeper_3.4.9-3+deb9u2.debian.tar.xz cc0ae6b679b3c431bbff5768d57757478716943b 370888 libzookeeper-java-doc_3.4.9-3+deb9u2_all.deb 61657b56f6dd11792c90a29a1da3b8b61e177cdc 1360168 libzookeeper-java_3.4.9-3+deb9u2_all.deb 64fe2edb1e7c2eeeb6d90a832c18ad6ad2e603a5 90990 libzookeeper-mt-dev_3.4.9-3+deb9u2_amd64.deb 93b93d0d47773cd23f3853954a9f7a1bc328460c 112700 libzookeeper-mt2-dbgsym_3.4.9-3+deb9u2_amd64.deb 7525db2f8c22dd3db1f2d82f248852edac5d891e 75406 libzookeeper-mt2_3.4.9-3+deb9u2_amd64.deb 0fe1abc3325edfc21d551a6a91c1b16670878ccb 88248 libzookeeper-st-dev_3.4.9-3+deb9u2_amd64.deb 9d78cceb2f4c020a4c43446038cdaff1d678e1a1 105602 libzookeeper-st2-dbgsym_3.4.9-3+deb9u2_amd64.deb f9fdd7ac14042e29455c4f258cca91c4c2f78edb 72966 libzookeeper-st2_3.4.9-3+deb9u2_amd64.deb a6b739496bd7fc40c13776f9a90c77e9804f4e58 40982 libzookeeper2_3.4.9-3+deb9u2_amd64.deb 0cd165ffaefa231ca56c78010a9767f0430cae95 32352 python-zookeeper-dbgsym_3.4.9-3+deb9u2_amd64.deb 8893ba2fce4b65393c25781a8b9fc69cdc74b39d 58382 python-zookeeper_3.4.9-3+deb9u2_amd64.deb cdf4de6ac208d33dee28da1e306eaca2c63c1cb7 413390 zookeeper-bin-dbgsym_3.4.9-3+deb9u2_amd64.deb c35e5e224a75c7fd8fcd17fd6623d8bfa04c3662 94730 zookeeper-bin_3.4.9-3+deb9u2_amd64.deb 83f323ed9e982feb33809d3f8aac785f446b2ad9 141954 zookeeper_3.4.9-3+deb9u2_all.deb 6d399ec7ed1efe3ebb2a5023f746ac8c497c6b8b 17413 zookeeper_3.4.9-3+deb9u2_amd64.buildinfo 498a76e0bfabc5ca175691716314b94a345d936f 44068 zookeeperd_3.4.9-3+deb9u2_all.deb Checksums-Sha256: efbf3e61208c807edba26e62535f76527045fbeb21d18ade5b352db2c35f54ac 3021 zookeeper_3.4.9-3+deb9u2.dsc 1471e69d0b391c87208ec5a6ef5c6dbb1e31820b274b34ebd9a808940f36410b 1931392 zookeeper_3.4.9.orig.tar.xz eec0dee2d132413af212cf07eec8fe9c57737761026462b645105b44258cfe74 87508 zookeeper_3.4.9-3+deb9u2.debian.tar.xz 91711e8000dbc6066598168e4e32fd0c702666b9a41be45d3cab279d2fe3af57 370888 libzookeeper-java-doc_3.4.9-3+deb9u2_all.deb 8254de5cb5c406f0f75bd9195cbf1ef251f389fc97f3f36aa5bdb85efda992e8 1360168 libzookeeper-java_3.4.9-3+deb9u2_all.deb 417778e736a31c5fbede8bfc60bd4bf91d67a4863455829b328f9d8b4cbc85df 90990 libzookeeper-mt-dev_3.4.9-3+deb9u2_amd64.deb 463b2ac62797051501b3fce7aeb5b300ee4bf987b48941e26d807e25849d4e3d 112700 libzookeeper-mt2-dbgsym_3.4.9-3+deb9u2_amd64.deb 705707822972c9ddb575bd89e3aaf0b7777ecf2241bf72b9e28bbb2acfac8467 75406 libzookeeper-mt2_3.4.9-3+deb9u2_amd64.deb 888cee40140e31d763b1e5b84ac8d971537165a9f9f54b8112954d090c1a4b28 88248 libzookeeper-st-dev_3.4.9-3+deb9u2_amd64.deb 3f033833f6e2ea02e377e66769c0c7b26f9d350b0c0c3ec75d36f1254e9293fd 105602 libzookeeper-st2-dbgsym_3.4.9-3+deb9u2_amd64.deb cc220abb7197ecad89f1aa111ac2565647d9d0b29cc85da62ec344a79d271994 72966 libzookeeper-st2_3.4.9-3+deb9u2_amd64.deb f4ba21723801807fd61f6725c2d01a4049e7e6df1338d8c35091444a797464ce 40982 libzookeeper2_3.4.9-3+deb9u2_amd64.deb c7992e1f460167e26a751a9171776fbecff2866e4ae3c5dcc1bf7dbe51460c21 32352 python-zookeeper-dbgsym_3.4.9-3+deb9u2_amd64.deb 4f6164918249af2dd43310fe43eabcbf3e14aec1d7c0f53e55db4db6f6e325b5 58382 python-zookeeper_3.4.9-3+deb9u2_amd64.deb 2a8d2865f4cffbacdcdf2306abab859ff4762765ffe5e584da31663dbbac07aa 413390 zookeeper-bin-dbgsym_3.4.9-3+deb9u2_amd64.deb 3ed7b14aefc70368820601bd104409c630f3bf2eca35155c029449b568056ea1 94730 zookeeper-bin_3.4.9-3+deb9u2_amd64.deb dd73ac6f0bac6ebbc092958a2a4f52bf7e3c8c54f6e286365b80232b7e8f62c4 141954 zookeeper_3.4.9-3+deb9u2_all.deb 7f0d550183d3f13912b6ca757996f997c25de59e75f26946eaadc468340968c5 17413 zookeeper_3.4.9-3+deb9u2_amd64.buildinfo 0dae6405cf625dbf8ff754c87bb40d3087fde82faa398e14d8ad20d07936e0ba 44068 zookeeperd_3.4.9-3+deb9u2_all.deb Files: d1d5583f09aeabf30fc2a7268104b8b2 3021 java optional zookeeper_3.4.9-3+deb9u2.dsc d33aa506accaeade4260f1ba26ad3b8e 1931392 java optional zookeeper_3.4.9.orig.tar.xz ef1b7f910ff68518158146e962f8287e 87508 java optional zookeeper_3.4.9-3+deb9u2.debian.tar.xz a54ec72675f64d901f2d9a9e4870f7a1 370888 doc optional libzookeeper-java-doc_3.4.9-3+deb9u2_all.deb e1c0059f814aa8e1f32cdba2251335c1 1360168 java optional libzookeeper-java_3.4.9-3+deb9u2_all.deb 877092808b4841ac6827dee814a0f917 90990 libdevel optional libzookeeper-mt-dev_3.4.9-3+deb9u2_amd64.deb 81fd831b7a77c933dd8bcfe198eda242 112700 debug extra libzookeeper-mt2-dbgsym_3.4.9-3+deb9u2_amd64.deb 49433fdb5fd17ea35b7d00f44c2b6b94 75406 libs optional libzookeeper-mt2_3.4.9-3+deb9u2_amd64.deb 1cd3623e86be4861176551dd00e14fd7 88248 libdevel optional libzookeeper-st-dev_3.4.9-3+deb9u2_amd64.deb a86e32289b329bc95b6fac0d17f2c54c 105602 debug extra libzookeeper-st2-dbgsym_3.4.9-3+deb9u2_amd64.deb b64b8c3fb47688ac1dbbee9103b1f842 72966 libs optional libzookeeper-st2_3.4.9-3+deb9u2_amd64.deb 3f0cbd7d4eff0a5bc772d8662de806bd 40982 oldlibs extra libzookeeper2_3.4.9-3+deb9u2_amd64.deb d4ff32643c92c5c0926fc2181a034197 32352 debug extra python-zookeeper-dbgsym_3.4.9-3+deb9u2_amd64.deb 00b3b18bcdb7d3d79f8f580c199f4e46 58382 python optional python-zookeeper_3.4.9-3+deb9u2_amd64.deb 16b27c21c065a0c9fdeae1bd834897f7 413390 debug extra zookeeper-bin-dbgsym_3.4.9-3+deb9u2_amd64.deb cf4fd47923dd59c9e03bfe1a29f6a456 94730 misc optional zookeeper-bin_3.4.9-3+deb9u2_amd64.deb 5c4cd01b83082f579ab5edca580064eb 141954 java optional zookeeper_3.4.9-3+deb9u2_all.deb 209a4545070e7e53ba0f14ec6050d57a 17413 java optional zookeeper_3.4.9-3+deb9u2_amd64.buildinfo d7fef17d15a25d3408a087ba3b0cdc19 44068 java optional zookeeperd_3.4.9-3+deb9u2_all.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlz31wgACgkQHpU+J9Qx Hlgm1Q//V7RxWF0cUhq1cWS44HpIwfG4dc4PM61+6IEz4h5werE6IB8BD/vWIH1K 9bzYW3wBk5xJH1H1YtZ6WajDLEMo004SL8KeiTxVTlWbZeK1W3cFt94anVpQpRIP R5qF+ZeBpWJzLICDGbGqmGnmO1Tp4N68dsMJZiVyUynYvdArSJMe+wYmyFnHh0q/ +TTZvlPkyVHVxgUpGorl8q36nNF/+iEr8pqsT+KtKYIAIG3rUuexy314m235MAy9 C+o27kt8oxBDCIdkO40U2CxFKT7B1YA8nj4Gi2rQcx50uZjfOnlufInl7+zFkOfU nb64IqvSFX/+bQY2OEu/lhy4fr5Oqe1jdfDtcggI4z604sgrjoQcuu8u8cfDmiLN PRg/7ITwIbqg6V6GSMBBBgsXgqYlIXqBAWP53gGVqXRX1eLSNsJ6X+W1TEfD7RfN jDAr/rkvEbh7ruK6SiNphk/wawNIKBkKibo0l+BxhmBSOxYTv0a2DugLCBDPK+xW f99gh0T0EmUTb7QU111ElEqps5Vs8ifRmCxj+tdgRah3uGrClVn+zDWMNWTJ5v5Q ezdHtOnxrXcmU8q3e8GOaa/QlAkk7hgoFW+Nv8lMqfZ0kUXbLzrXaOjmw/C6xCHH ecFxfP6eE28nlN+zgEzzn3pJY+Ff63jEjJkY5/72oVoPa7kfklU= =SB8+ -----END PGP SIGNATURE-----
--- End Message ---
