Bug#373803: marked as done (apache: Cross-site scripting (XSS) vulnerability in the mod_imap -- patched in upstream 1.3.35)
Your message dated Wed, 16 Sep 2009 21:32:48 +0100
with message-id <1253133168.744533.3677.nullmailer@kmos.homeip.net>
and subject line Package apache has been removed from Debian
has caused the Debian Bug report #373803,
regarding apache: Cross-site scripting (XSS) vulnerability in the mod_imap -- patched in upstream 1.3.35
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)
--
373803: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=373803
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: apache: Cross-site scripting (XSS) vulnerability in the mod_imap -- patched in upstream 1.3.35
- From: Dave Forrest <drf5n@maplepark.com>
- Date: Thu, 15 Jun 2006 12:10:11 -0400
- Message-id: <20060615161011.14353.51868.reportbug@localhost>
Package: apache
Version: 1.3.34-2
Severity: normal
Cross-site scripting (XSS) vulnerability in the mod_imap module of
Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev
allows remote attackers to inject arbitrary web script or HTML via the
Referer when using image maps.
See http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352
-- System Information:
Debian Release: testing/unstable
APT prefers testing
APT policy: (990, 'testing'), (300, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.12.dsdt1000.060522
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Versions of packages apache depends on:
ii apache-common 1.3.34-2 support files for all Apache webse
ii debconf [debconf-2.0] 1.5.1 Debian configuration management sy
ii libc6 2.3.6-13 GNU C Library: Shared libraries
ii libdb4.3 4.3.29-4.1 Berkeley v4.3 Database Libraries [
ii libexpat1 1.95.8-3.2 XML parsing C library - runtime li
ii libmagic1 4.17-1 File type determination library us
ii logrotate 3.7.1-3 Log rotation utility
ii lsb-base 3.1-10 Linux Standard Base 3.1 init scrip
ii mime-support 3.36-1 MIME files 'mime.types' & 'mailcap
ii perl 5.8.8-4 Larry Wall's Practical Extraction
apache recommends no packages.
-- debconf information:
* apache/enable-suexec: false
apache/server-name: localhost
apache/document-root: /var/www
apache/server-port: 80
apache/init: true
apache/server-admin: you@your.address
--- End Message ---
--- Begin Message ---
- To: 373803-done@bugs.debian.org
- Subject: Package apache has been removed from Debian
- From: Marco Rodrigues <gothicx@sapo.pt>
- Date: Wed, 16 Sep 2009 21:32:48 +0100
- Message-id: <1253133168.744533.3677.nullmailer@kmos.homeip.net>
Version: 1.3.34-4.1+rm
You filled the bug http://bugs.debian.org/373803 in Debian BTS
against the package apache. I'm closing it at *unstable*, but it will
remain open for older distributions.
For more information about this package's removal, read
http://bugs.debian.org/418266. That bug might give the reasons why
this package was removed and suggestions of possible replacements.
Don't hesitate to reply to this mail if you have any question.
Thank you for your contribution to Debian.
--
Marco Rodrigues
--- End Message ---
Reply to: