Your message dated Mon, 03 Apr 2017 01:19:02 +0000 with message-id <e1cuqe6-0007wc...@fasolo.debian.org> and subject line Bug#854739: fixed in sleekxmpp 1.3.1-6 has caused the Debian Bug report #854739, regarding CVE-2017-5591 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 854739: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854739 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: sleekxmpp Severity: grave Tags: security Please see http://seclists.org/oss-sec/2017/q1/373 Cheers, Moritz
--- End Message ---
--- Begin Message ---Source: sleekxmpp Source-Version: 1.3.1-6 We believe that the bug you reported is fixed in the latest version of sleekxmpp, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 854...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. W. Martin Borgert <deba...@debian.org> (supplier of updated sleekxmpp package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Mon, 03 Apr 2017 00:04:06 +0000 Source: sleekxmpp Binary: python-sleekxmpp python3-sleekxmpp Architecture: source all Version: 1.3.1-6 Distribution: unstable Urgency: medium Maintainer: Debian Python Modules Team <python-modules-team@lists.alioth.debian.org> Changed-By: W. Martin Borgert <deba...@debian.org> Description: python-sleekxmpp - Python XMPP (Jabber) Library Implementing Everything as a Plugin python3-sleekxmpp - Python XMPP (Jabber) Library Implementing Everything as a Plugin Closes: 851900 854739 Changes: sleekxmpp (1.3.1-6) unstable; urgency=medium . * Fix CVE-2017-5591: An incorrect implementation of XEP-0280: Message Carbons in slixmpp allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. (Closes: #854739) * Use ssl.get_protocol_name() to find out which TLS version is in use (allows the latest TLS versions to be used as well as any future versions). (Closes: #851900) Checksums-Sha1: 76f78eb0aacf649edffa1d125c23bd4a037ba384 2248 sleekxmpp_1.3.1-6.dsc 4a39d410a9f95421ebbc7208a8cb168011bcecec 22728 sleekxmpp_1.3.1-6.debian.tar.xz 668cc295b69cb5eada1fda6f0a5fb0c7b6c756b4 196850 python-sleekxmpp_1.3.1-6_all.deb f8f8cc6e63846db00d6b84f104092486fd8dbb52 196976 python3-sleekxmpp_1.3.1-6_all.deb 2d9c736b969430b5c89a4edc7be2f9bc1d1d7712 6607 sleekxmpp_1.3.1-6_amd64.buildinfo Checksums-Sha256: f7bfab876624cca956746ec6fa5170106896f329e63ed865b6930e9ba20a30ac 2248 sleekxmpp_1.3.1-6.dsc 2ca64867efc7ee566b63f8421eaaf988cc0a4644f2e92df56ef519c94dc271ce 22728 sleekxmpp_1.3.1-6.debian.tar.xz e082e51fd0398c0a968c5e5f67387fbdfd5849e31a025a87659e75c5c4e64219 196850 python-sleekxmpp_1.3.1-6_all.deb 811c6a2b9c8ddd12feb65960f26e6e16dd41ad48af83fd142b4d162823dca4ed 196976 python3-sleekxmpp_1.3.1-6_all.deb 957c1099dab2c4e77bcd395f6e40dd7725bf23686030445d10d5346a98f476bf 6607 sleekxmpp_1.3.1-6_amd64.buildinfo Files: 8b4db7d35c72099cb4f18e9b5fb8f5eb 2248 python optional sleekxmpp_1.3.1-6.dsc 5a8d7dfbe766887661ecda26ce701e5f 22728 python optional sleekxmpp_1.3.1-6.debian.tar.xz 21c3dfa2e0dcda2ddf3941e6474362ca 196850 python optional python-sleekxmpp_1.3.1-6_all.deb bc53d4a7ff4a744808dd076a9a6087b1 196976 python optional python3-sleekxmpp_1.3.1-6_all.deb e3b3326299751d70ee8436650942ba04 6607 python optional sleekxmpp_1.3.1-6_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEftHeo0XZoKEY1KdA4+Chwoa5Y+oFAljhnvoACgkQ4+Chwoa5 Y+pBUQ//VU9jsUVE/oJw82VCfWXTgG/shEvIG+mxgjoqCt8dyg9+IZII9e8Y+EEg TVNYpL2lo4FMwzhsq8gTYV26cGtYPS27fHd/8gl+M58zbkswZWABzJrBm6VcrVhZ MazuFo88sWUaWNKP6vuTE1Gajfuz03mXYYtYy2eYW1wAOIA+ozqdkB8cSWNHla+s d6PTRnsoQBtoDggYohQLd5e2JOD4rBuHxnsr8RfR3m3f5X6Ni1vjF/tjSqyqKam6 WrdL4DlvN2fahuqDn+mZz15Gy9cpkAMh8zsrr0d9C9flKMp73pLpvGzGlqFvwOqm VSfHo3bfaohWV1R/bbzrK07WFl7KJrWkHGJL9qyhv+8E1rgD61jGQtZ3FN/toazU THOyzoFUUL8Vj3idbXVfmTnKsgNCPO2EAoXvowutNA9jlqFPczelbr5HJZL/WF6G R0ao/hEonIZpVcZee2nXlXt/JycPsJDwWm+yf4l6qF7ydjhKg4QP8EKtJtkxGzsQ GkHqFvKIq6WbJxjs9OPL8o8VfSO1Yyw+o2DexI8sym75SxDQREEcUBqoSCZKX97Q XYtjWEfPjkmYgBSGLvKTr2Hn1GrtUekwTsIbi4JaSpozS8bri+lrzkqzkiAh1B7a tGggbmbnSmB+rP+MiXhWw8j290X1q1ijfEYak/I0YV9xLL8aLeE= =2PLp -----END PGP SIGNATURE-----
--- End Message ---
_______________________________________________ Python-modules-team mailing list Python-modules-team@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/python-modules-team
