Your message dated Fri, 22 Apr 2022 14:25:18 +0200 with message-id <4f72cef0-d77c-cb69-5ca6-5425bb01a7ca@debian.org> and subject line Re: hoteldruid: CVE-2022-22909 - remote code execution vulnerability in Create New Room module v3.0.3 has caused the Debian Bug report #1009935, regarding RFS: hoteldruid/3.0.4-1 -- web-based property management system for hotels or B&Bs to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 1009935: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009935 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: submit@bugs.debian.org
- Subject: RFS: hoteldruid/3.0.4-1 -- web-based property management system for hotels or B&Bs
- From: "Marco M. F. De Santis" <marco@digitaldruid.net>
- Date: Thu, 21 Apr 2022 00:47:39 +0200
- Message-id: <[🔎] 019e6bbe-f29d-2905-e1de-47f30aead212@digitaldruid.net>
Package: sponsorship-requests Severity: normal Dear mentors, I am looking for a sponsor for my package "hoteldruid": * Package name : hoteldruid Version : 3.0.4-1 Upstream Author : Marco Maria Francesco De Santis * URL : http://www.hoteldruid.com/ * License : AGPL-3, CC0-1.0 * Vcs : None Section : web The source builds the following binary packages: hoteldruid - web-based property management system for hotels or B&BsTo access further information about this package, please visit the following URL:https://mentors.debian.net/package/hoteldruid/ Alternatively, you can download the package with 'dget' using this command:dget -x https://mentors.debian.net/debian/pool/main/h/hoteldruid/hoteldruid_3.0.4-1.dscChanges since the last upload: hoteldruid (3.0.4-1) unstable; urgency=low . * New upstream release- Fixes remote code execution, XSS and session security vulnerabilities. (Ref: CVE-2021-42949, CVE-2021-42948, CVE-2022-22909, CVE-2022-26564)* Added path to phpmailer in file costanti.php in patch debianize * debian/control: added suggest on libphp-phpmailer * debian/copyright: added Upstream-Contact Regards, -- Marco Maria Francesco De Santis
--- End Message ---
--- Begin Message ---
- To: 1006750-done@bugs.debian.org, 1009935-done@bugs.debian.org
- Subject: Re: hoteldruid: CVE-2022-22909 - remote code execution vulnerability in Create New Room module v3.0.3
- From: Bastian Germann <bage@debian.org>
- Date: Fri, 22 Apr 2022 14:25:18 +0200
- Message-id: <4f72cef0-d77c-cb69-5ca6-5425bb01a7ca@debian.org>
- In-reply-to: <164638975621.1741.14906332855826398841.reportbug@debian-sid.codehelp>
- References: <164638975621.1741.14906332855826398841.reportbug@debian-sid.codehelp> <164638975621.1741.14906332855826398841.reportbug@debian-sid.codehelp>
The new upstream version 3.0.4 was sponsored by me. Thanks for the packaging effort.
--- End Message ---