Bug#1086154: marked as done (bookworm-pu: package tgt/1:1.0.85-1+deb12u1)

To: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Subject: Bug#1086154: marked as done (bookworm-pu: package tgt/1:1.0.85-1+deb12u1)
From: "Debian Bug Tracking System" <owner@bugs.debian.org>
Date: Sat, 09 Nov 2024 10:54:35 +0000
Message-id: <[🔎] handler.1086154.D1086154.17311494781069598.ackdone@bugs.debian.org>
Reply-to: 1086154@bugs.debian.org
References: <b0a29248bc631362ed06a8879f93b8cdae5414d0.camel@adam-barratt.org.uk> <173004605202.326695.18421787370967968994.reportbug@elende.valinor.li>

Your message dated Sat, 09 Nov 2024 10:51:02 +0000
with message-id <b0a29248bc631362ed06a8879f93b8cdae5414d0.camel@adam-barratt.org.uk>
and subject line Closing bugs released with 12.8
has caused the Debian Bug report #1086154,
regarding bookworm-pu: package tgt/1:1.0.85-1+deb12u1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
1086154: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1086154
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: bookworm-pu: package tgt/1:1.0.85-1+deb12u1
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Sun, 27 Oct 2024 17:20:52 +0100
Message-id: <173004605202.326695.18421787370967968994.reportbug@elende.valinor.li>

Package: release.debian.org
Severity: normal
Tags: bookworm
X-Debbugs-Cc: tgt@packages.debian.org, David Gstir <david@sigma-star.at>, Richard Weinberger <richard@sigma-star.at>, carnil@debian.org
Control: affects -1 + src:tgt
User: release.debian.org@packages.debian.org
Usertags: pu

Hi SRM,

tgt is affected in stable by CVE-2024-45751, but it is no-dsa. I did a
while back a NMU for unstable, preparing for this bookworm-pu update
as well. Given there are no issues reported with it in unstable, now
proposing as well the bookworm update.

Description is at 
https://security-tracker.debian.org/tracker/CVE-2024-45751
https://www.openwall.com/lists/oss-security/2024/09/07/2

|The user-space iSCSI target daemon of the Linux target framework (tgt)
|uses an insecure random number generator to generate CHAP
|authentication callenges. This results in predictable challenges which
|an attacker capable of recording network traffic between iSCSI target
|and initiator can abuse to bypass CHAP authentication by replaying
|previous responses.

The patch switches to a proper entropy source.

Regards,
Salvatore

--- End Message ---

--- Begin Message ---

To: 1074088-done@bugs.debian.org, 1074126-done@bugs.debian.org, 1076473-done@bugs.debian.org, 1077668-done@bugs.debian.org, 1079689-done@bugs.debian.org, 1079733-done@bugs.debian.org, 1080363-done@bugs.debian.org, 1080402-done@bugs.debian.org, 1080968-done@bugs.debian.org, 1081034-done@bugs.debian.org, 1081035-done@bugs.debian.org, 1081169-done@bugs.debian.org, 1081317-done@bugs.debian.org, 1081343-done@bugs.debian.org, 1081388-done@bugs.debian.org, 1081389-done@bugs.debian.org, 1081394-done@bugs.debian.org, 1081399-done@bugs.debian.org, 1081410-done@bugs.debian.org, 1081413-done@bugs.debian.org, 1081418-done@bugs.debian.org, 1081750-done@bugs.debian.org, 1082024-done@bugs.debian.org, 1082153-done@bugs.debian.org, 1082155-done@bugs.debian.org, 1082322-done@bugs.debian.org, 1082701-done@bugs.debian.org, 1082710-done@bugs.debian.org, 1082746-done@bugs.debian.org, 1082783-done@bugs.debian.org, 1082902-done@bugs.debian.org, 1082935-done@bugs.debian.org, 1083026-done@bugs.debian.org, 1083090-done@bugs.debian.org, 1083162-done@bugs.debian.org, 1083223-done@bugs.debian.org, 1084171-done@bugs.debian.org, 1084845-done@bugs.debian.org, 1084907-done@bugs.debian.org, 1085026-done@bugs.debian.org, 1085176-done@bugs.debian.org, 1085227-done@bugs.debian.org, 1085281-done@bugs.debian.org, 1085430-done@bugs.debian.org, 1085591-done@bugs.debian.org, 1085708-done@bugs.debian.org, 1085711-done@bugs.debian.org, 1085965-done@bugs.debian.org, 1086116-done@bugs.debian.org, 1086149-done@bugs.debian.org, 1086151-done@bugs.debian.org, 1086154-done@bugs.debian.org, 1086157-done@bugs.debian.org, 1086163-done@bugs.debian.org, 1086164-done@bugs.debian.org, 1086193-done@bugs.debian.org, 1086207-done@bugs.debian.org, 1086601-done@bugs.debian.org, 1086611-done@bugs.debian.org, 1086613-done@bugs.debian.org, 1086632-done@bugs.debian.org, 1081535-done@bugs.debian.org

Subject: Closing bugs released with 12.8

From: "Adam D. Barratt" <adam@adam-barratt.org.uk>

Date: Sat, 09 Nov 2024 10:51:02 +0000

Message-id: <b0a29248bc631362ed06a8879f93b8cdae5414d0.camel@adam-barratt.org.uk>
Source: release.debian.org
Version: 12.8

Hi,

Each of the updates tracked by these bugs was included in today's 12.8
bookworm point release.

Regards,

Adam
--- End Message ---

Reply to:

Prev by Date: Bug#1086151: marked as done (bookworm-pu: package util-linux/2.38.1-5+deb12u2)
Next by Date: Bug#1086193: marked as done (bookworm-pu: package sumo/1.15.0+dfsg-1+deb12u1)
Previous by thread: Bug#1086151: marked as done (bookworm-pu: package util-linux/2.38.1-5+deb12u2)
Next by thread: Bug#1086193: marked as done (bookworm-pu: package sumo/1.15.0+dfsg-1+deb12u1)
Index(es):
- Date
- Thread