Your message dated Mon, 08 Feb 2016 12:49:59 +0000 with message-id <e1aslgr-0004yy...@franck.debian.org> and subject line Bug#689417: fixed in opencryptoki 3.4.1+dfsg-1 has caused the Debian Bug report #689417, regarding opencryptoki: CVE-2012-4454 CVE-2012-4455 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 689417: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=689417 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: opencryptoki Severity: grave Tags: security Justification: user security hole Please see the thread starting at http://www.openwall.com/lists/oss-security/2012/09/07/2 for details. Cheers, Moritz
--- End Message ---
--- Begin Message ---Source: opencryptoki Source-Version: 3.4.1+dfsg-1 We believe that the bug you reported is fixed in the latest version of opencryptoki, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 689...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Dimitri John Ledkov <x...@ubuntu.com> (supplier of updated opencryptoki package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 08 Feb 2016 05:00:09 +0000 Source: opencryptoki Binary: opencryptoki libopencryptoki0 libopencryptoki-dev Architecture: source Version: 3.4.1+dfsg-1 Distribution: unstable Urgency: low Maintainer: Debian QA Group <packa...@qa.debian.org> Changed-By: Dimitri John Ledkov <x...@ubuntu.com> Description: libopencryptoki-dev - PKCS#11 implementation (development) libopencryptoki0 - PKCS#11 implementation (library) opencryptoki - PKCS#11 implementation (daemon) Closes: 689417 Changes: opencryptoki (3.4.1+dfsg-1) unstable; urgency=low . * QA upload. * Update debian/watch file. * New upstream release - Resolves CVE-2012-4454 - Resolves CVE-2012-4455 - Closes: #689417 * Drop applied upstream, or no longer applicable patches: - 02-disable-user-handling.patch - 05-build-fix-for-kbsd.patch - 06-add-whatis-entry-to-manpages.patch - 07-add-manpage-for-pkcs_slot.patch - 0009-Fix-wrong-LIB_PATH.patch - 0010-Remove-one-hardcoded-lib64-path.patch * Enable systemd units. * Drop pkcs11_startup call and opencryptoki provides from the init script, adjust PIDFILE location to /var/run/pkcsslotd.pid and source lsb init-functions. * Add bison and flex build dependencies. * Do not change group permissions during install stage of the package build. * Install new opencryptoki.conf config file. * Drop dbg package, rely on the autogenerated one instead. * Bump debhelper compat to 9. * Rename opencryptoki init file to pkcsslotd, to match actuall daemon started and the systemd unit name. * Don't use full-path check for deluser, instead just call it unconditionally on removal, it's guarded with || true anyway. * Patch spelling typos. * Drop After=syslog.target from systemd unit file. * Simplify 04-pkcsslotd-cmdline-args.patch. * Add tmpfiles snippet, and mimic same in the init.d script. * Add libica-dev build-dependency on s390x. * Set standards version to 3.9.6. Checksums-Sha1: ca94f5cbb49efdf77b35e12d5ebe6bc6d6976ed7 1725 opencryptoki_3.4.1+dfsg-1.dsc f0d9bbe84c5d9bd80fde9be4eed0c5733019743e 696217 opencryptoki_3.4.1+dfsg.orig.tar.gz fd97853d81d3529501e4981ec1c059c53a7840ba 14320 opencryptoki_3.4.1+dfsg-1.debian.tar.xz Checksums-Sha256: 1ca293565490505bf6a7f0d02c6f0b7f0a455c648a984c3c2fbeea7077c0f12d 1725 opencryptoki_3.4.1+dfsg-1.dsc 1cce3dc6586eeed41f455d04cc2c1f17bf7e71245ed8d44deb3a6f80771d195d 696217 opencryptoki_3.4.1+dfsg.orig.tar.gz 059af3f12989b562402a5ebab86a5cb0b9997039786640493700fc116010773f 14320 opencryptoki_3.4.1+dfsg-1.debian.tar.xz Files: 3d70b34a1907828a8f8a2790dbfa6bae 1725 admin optional opencryptoki_3.4.1+dfsg-1.dsc 43c4f7d6e9dfd3e145bb4c5745b36467 696217 admin optional opencryptoki_3.4.1+dfsg.orig.tar.gz b7386cc84b131fd14c69be8724c60077 14320 admin optional opencryptoki_3.4.1+dfsg-1.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQEcBAEBCgAGBQJWuImnAAoJEMrC2LnNLKX5nT4H/39RxAxUQ4bS44rPwXtkyjki h1CW3LHETKmaRltKGs50baNC4nY/W41TPk2nrz4T2EXk7Kqi5dJqYt09+a0Am6lC aQkPZMAZs9jckxY3anMEKx1sIcFeZ7W9gMOY72LFnlT05Z88DqkDO4KsjPJIENhC PRuynvWwvDmVs/lgP7I6RHRgbXhl1YusysuaENWIngm3AgIsVhjNtCfW1c4o/+ke hX9PvTQyQxb6aKUKvhIo3yzx0GJ/hcTGfiVYgzMQmX6m4Ic0zKhGifZRZQDCy3Ge 3jrEIJxqakk9z0/SUBWtYpTQJaWDq017MXpP74J8AqcgwOV+F/Fv9+IBNHRY1wc= =oSs5 -----END PGP SIGNATURE-----
--- End Message ---
