[Pkg-zope-developers] Bug#334055: marked as done (zope2.7: security issue with docutils wrt RestructuredText functionalities (Zope Hotfix 2005-10-09))

Debian Bug Tracking System owner at bugs.debian.org
Mon Oct 24 01:06:43 UTC 2005 

Your message dated Sun, 23 Oct 2005 16:50:14 -0700
with message-id <E1ETpbS-0007t2-00 at spohr.debian.org>
and subject line Bug#334055: fixed in zope2.7 2.7.8-1
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Received: (at submit) by bugs.debian.org; 15 Oct 2005 09:13:49 +0000
>From nachtigall at web.de Sat Oct 15 02:13:49 2005
Return-path: <nachtigall at web.de>
Received: from smtp06.web.de [217.72.192.224] 
	by spohr.debian.org with esmtp (Exim 3.36 1 (Debian))
	id 1EQi6v-0006B7-00; Sat, 15 Oct 2005 02:13:49 -0700
Received: from [84.59.50.220] (helo=localhost.localdomain)
	by smtp06.web.de with asmtp (TLSv1:DES-CBC3-SHA:168)
	(WEB.DE 4.105 #317)
	id 1EQi6Q-0006zu-00
	for submit at bugs.debian.org; Sat, 15 Oct 2005 11:13:18 +0200
Received: from jens by localhost.localdomain with local (Exim 4.50)
	id 1EQi6P-0001wx-Dq
	for submit at bugs.debian.org; Sat, 15 Oct 2005 11:13:17 +0200
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Jens Nachtigall <nachtigall at web.de>
To: Debian Bug Tracking System <submit at bugs.debian.org>
Subject: zope2.7: security issue with docutils wrt RestructuredText functionalities
 (Zope Hotfix 2005-10-09)
X-Mailer: reportbug 3.8
Date: Sat, 15 Oct 2005 11:13:17 +0200
Message-Id: <E1EQi6P-0001wx-Dq at localhost.localdomain>
Sender: nachtigall at web.de
X-Sender: nachtigall at web.de
Delivered-To: submit at bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
	(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level: 
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE 
	autolearn=no version=2.60-bugs.debian.org_2005_01_02

Package: zope2.7
Severity: grave
Justification: user security hole

Please see:
http://www.zope.org/Products/Zope/Hotfix_2005-10-09/security_alert

A patch for 2.7 is available there.


-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.6.8jens01-ifplugd-b44
Locale: LANG=de_DE at euro, LC_CTYPE=de_DE at euro (charmap=ISO-8859-15)

---------------------------------------
Received: (at 334055-close) by bugs.debian.org; 24 Oct 2005 00:45:17 +0000
>From katie at spohr.debian.org Sun Oct 23 17:45:17 2005
Return-path: <katie at spohr.debian.org>
Received: from katie by spohr.debian.org with local (Exim 3.36 1 (Debian))
	id 1ETpbS-0007t2-00; Sun, 23 Oct 2005 16:50:14 -0700
From: Fabio Tranchitella <kobold at debian.org>
To: 334055-close at bugs.debian.org
X-Katie: $Revision: 1.56 $
Subject: Bug#334055: fixed in zope2.7 2.7.8-1
Message-Id: <E1ETpbS-0007t2-00 at spohr.debian.org>
Sender: Archive Administrator <katie at spohr.debian.org>
Date: Sun, 23 Oct 2005 16:50:14 -0700
Delivered-To: 334055-close at bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
	(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level: 
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER 
	autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-CrossAssassin-Score: 2

Source: zope2.7
Source-Version: 2.7.8-1

We believe that the bug you reported is fixed in the latest version of
zope2.7, which is due to be installed in the Debian FTP archive:

zope2.7-sandbox_2.7.8-1_all.deb
  to pool/main/z/zope2.7/zope2.7-sandbox_2.7.8-1_all.deb
zope2.7_2.7.8-1.diff.gz
  to pool/main/z/zope2.7/zope2.7_2.7.8-1.diff.gz
zope2.7_2.7.8-1.dsc
  to pool/main/z/zope2.7/zope2.7_2.7.8-1.dsc
zope2.7_2.7.8-1_i386.deb
  to pool/main/z/zope2.7/zope2.7_2.7.8-1_i386.deb
zope2.7_2.7.8.orig.tar.gz
  to pool/main/z/zope2.7/zope2.7_2.7.8.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 334055 at bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Fabio Tranchitella <kobold at debian.org> (supplier of updated zope2.7 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster at debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sun, 23 Oct 2005 23:16:22 +0000
Source: zope2.7
Binary: zope2.7 zope2.7-sandbox
Architecture: source i386 all
Version: 2.7.8-1
Distribution: unstable
Urgency: low
Maintainer: Debian/Ubuntu Zope Team <pkg-zope-developers at lists.alioth.debian.org>
Changed-By: Fabio Tranchitella <kobold at debian.org>
Description: 
 zope2.7    - Open Source Web Application Server
 zope2.7-sandbox - sandbox instance for the zope2.7 web application server
Closes: 284462 313621 313621 313644 321405 324438 324439 329380 331726 332177 334055
Changes: 
 zope2.7 (2.7.8-1) unstable; urgency=low
 .
   * New upstream release (2.7.8), which closes a security hole within
     RestructuredText functionalities. (Closes: #334055)
   * debian/patches/deb-zope.conf: fixed a local security bug within
     mkzopeinstance. (Closes: #313644, #313621)
   * debian/patches/zope-sortex.dpatch: fixed bug with the function
     strcoll_nocase. (Closes: #329380)
   * debian/control: depends on debconf | debconf-2.0. (Closes: #332177)
   * Starting from this release, we won't ship anymore mkzope2.7instance
     in unstable. (Closes: #313621)
   * We do not provide templates anymore, they have been moved to zope-common.
     (Closes: #324438, #324439, #331726)
   * Close fixed-in-experimental bug reports. (Closes: #321405, #284462)
   * debian/control: set maintainer as Debian/Ubuntu Zope Team.
Files: 
 b671a639e822e0fc2f4d71b11d93d31a 850 web optional zope2.7_2.7.8-1.dsc
 7e0eaefe7e0b9a753f1dee7a73a0aca5 2952102 web optional zope2.7_2.7.8.orig.tar.gz
 65f0bf6d19e3ea7996c6c8a02f09929b 29619 web optional zope2.7_2.7.8-1.diff.gz
 efb25d0908abc7f8fd4f3adf61276422 2614030 web optional zope2.7_2.7.8-1_i386.deb
 93484f0c9d7117b2cf5a5c5c99e3c264 47740 web optional zope2.7-sandbox_2.7.8-1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFDXByzK/juK3+WFWQRAu0PAJwLutVDeLVKWvwfoc2sB5+2sLUrQwCgk7jQ
H0ytTdNpWq+is9SmrJP9y5c=
=EPb6
-----END PGP SIGNATURE-----

More information about the Pkg-zope-developers mailing list