Bug#799456: marked as done (openslp-dfsg: CVE-2015-5155: Packet with crafted "nextoffset" and "extid" values causes DoS)

To: Ben Hutchings <ben@decadent.org.uk>
Subject: Bug#799456: marked as done (openslp-dfsg: CVE-2015-5155: Packet with crafted "nextoffset" and "extid" values causes DoS)
From: owner@bugs.debian.org (Debian Bug Tracking System)
Date: Tue, 13 Oct 2015 21:45:07 +0000
Message-id: <[🔎] handler.799456.D799456.144477252122329.ackdone@bugs.debian.org>
References: <1444772506.31451.4.camel@decadent.org.uk> <20150919122313.1830.96619.reportbug@eldamar.local>

Your message dated Tue, 13 Oct 2015 22:41:46 +0100
with message-id <1444772506.31451.4.camel@decadent.org.uk>
and subject line Re: openslp-dfsg: CVE-2015-5155: Packet with crafted "nextoffset" and "extid" values causes DoS
has caused the Debian Bug report #799456,
regarding openslp-dfsg: CVE-2015-5155: Packet with crafted "nextoffset" and "extid" values causes DoS
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
799456: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=799456
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: Debian Bug Tracking System <submit@bugs.debian.org>

Subject: openslp-dfsg: CVE-2015-5155: Packet with crafted "nextoffset" and "extid" values causes DoS

From: Salvatore Bonaccorso <carnil@debian.org>

Date: Sat, 19 Sep 2015 14:23:13 +0200

Message-id: <20150919122313.1830.96619.reportbug@eldamar.local>
Source: openslp-dfsg
Version: 1.2.1-1
Severity: important
Tags: security upstream

Hi,

the following vulnerability was published for openslp-dfsg.

CVE-2015-5155[0]:
Packet with crafted "nextoffset" and "extid" values causes DoS

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2015-5155
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1263769

Regards,
Salvatore
--- End Message ---

--- Begin Message ---

To: 799456-done@bugs.debian.org

Subject: Re: openslp-dfsg: CVE-2015-5155: Packet with crafted "nextoffset" and "extid" values causes DoS

From: Ben Hutchings <ben@decadent.org.uk>

Date: Tue, 13 Oct 2015 22:41:46 +0100

Message-id: <1444772506.31451.4.camel@decadent.org.uk>

In-reply-to: <20150919122313.1830.96619.reportbug@eldamar.local>

References: <20150919122313.1830.96619.reportbug@eldamar.local>
Control: notfound -1 1.2.1-1

On Sat, 19 Sep 2015 14:23:13 +0200 Salvatore Bonaccorso <carnil@debian.org> wrote:
> Source: openslp-dfsg
> Version: 1.2.1-1
> Severity: important
> Tags: security upstream
> 
> Hi,
> 
> the following vulnerability was published for openslp-dfsg.
> 
> CVE-2015-5155[0]:
> Packet with crafted "nextoffset" and "extid" values causes DoS
> 
> If you fix the vulnerability please also make sure to include the
> CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
> 
> For further information see:
> 
> [0] https://security-tracker.debian.org/tracker/CVE-2015-5155
> [1] https://bugzilla.redhat.com/show_bug.cgi?id=1263769

It's actually a duplicate of CVE-2010-3609, which is already fixed.

Ben.

-- 
Ben Hutchings
Anthony's Law of Force: Don't force it, get a larger hammer.
Attachment: signature.asc
Description: This is a digitally signed message part

--- End Message ---

Reply to:

Prev by Date: Bug#782366: marked as done (libcunit1-dev: pkg-config file is broken)
Next by Date: Processed: notfound 799456 in 1.2.1-1
Previous by thread: Bug#782366: marked as done (libcunit1-dev: pkg-config file is broken)
Next by thread: Processed: notfound 799456 in 1.2.1-1
Index(es):
- Date
- Thread