[Pkg-zope-developers] Bug#196590: marked as done (stable is missing
several security updates)
Debian Bug Tracking System
owner at bugs.debian.org
Tue Oct 18 03:18:03 UTC 2005
Your message dated Mon, 17 Oct 2005 21:03:32 -0400
with message-id <20051018010332.GA26708 at kitenet.net>
and subject line adding correct version fixed information again
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 8 Jun 2003 09:57:41 +0000
>From jamie at audible.transient.net Sun Jun 08 04:57:40 2003
Return-path: <jamie at audible.transient.net>
Received: from audible.transient.net [66.93.40.125]
by master.debian.org with smtp (Exim 3.35 1 (Debian))
id 19Owvj-0007Eq-00; Sun, 08 Jun 2003 04:57:39 -0500
Received: (qmail 927 invoked from network); 8 Jun 2003 09:57:38 -0000
Received: from stink-foot.audible.transient.net (192.168.2.42)
by murdock.audible.transient.net with QMQP; 8 Jun 2003 09:57:38 -0000
Received: (nullmailer pid 31492 invoked by uid 1000);
Sun, 08 Jun 2003 09:56:58 -0000
Date: Sun, 8 Jun 2003 02:56:58 -0700
From: Jamie Heilman <jamie at audible.transient.net>
To: submit at bugs.debian.org
Subject: stable is missing several security updates
Message-ID: <20030608095658.GB31349 at audible.transient.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.5.4i
Delivered-To: submit at bugs.debian.org
X-Spam-Status: No, hits=-12.3 required=4.0
tests=BAYES_10,HAS_PACKAGE,USER_AGENT_MUTT
autolearn=ham version=2.53-bugs.debian.org_2003_05_24
X-Spam-Level:
X-Spam-Checker-Version: SpamAssassin 2.53-bugs.debian.org_2003_05_24 (1.174.2.15-2003-03-30-exp)
Package: zope
Version: 2.5.1-1
Tags: security
Severity: grave
Zope in Debian stable has not been actively maintained wrt security
fixes. Since 2.5.1's release several problems have been found and
addressed by upstream, a summary of issues is available at
http://collector.zope.org/Zope/collector_contents?searching=yep&status%3Alist%3Aignore_empty=Accepted&status%3Alist%3Aignore_empty=Deferred&status%3Alist%3Aignore_empty=Pending&status%3Alist%3Aignore_empty=Resolved&security_related%3Alist%3Aignore_empty=Yes
The bugs start getting interesting around 359. In addition to those
there is the App.Permissions issue which has been fixed in CVS and
detailed in a thread you can read at
http://marc.theaimsgroup.com/?t=105407052400003&r=1&w=2 and an ongoing
issue with Versions, being discussed on the zope-dev currently, see:
http://marc.theaimsgroup.com/?t=105489344400006&r=1&w=2 and
http://marc.theaimsgroup.com/?t=105467774500008&r=1&w=2
--
Jamie Heilman http://audible.transient.net/~jamie/
"...thats the metaphorical equivalent of flopping your wedding tackle
into a lion's mouth and flicking his lovespuds with a wet towel, pure
insanity..." -Rimmer
---------------------------------------
Received: (at 196590-done) by bugs.debian.org; 18 Oct 2005 01:03:37 +0000
>From joey at kitenet.net Mon Oct 17 18:03:37 2005
Return-path: <joey at kitenet.net>
Received: from kitenet.net [64.62.161.42] (postfix)
by spohr.debian.org with esmtp (Exim 3.36 1 (Debian))
id 1ERftB-0003Ax-00; Mon, 17 Oct 2005 18:03:37 -0700
Received: from dragon.kitenet.net (97-148-dial.xtn.net [66.118.97.148])
(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
(Client CN "Joey Hess", Issuer "Joey Hess" (verified OK))
by kitenet.net (Postfix) with ESMTP id 18BB31816D;
Tue, 18 Oct 2005 01:03:32 +0000 (GMT)
Received: by dragon.kitenet.net (Postfix, from userid 1000)
id D541DBF0AA; Mon, 17 Oct 2005 21:03:32 -0400 (EDT)
Date: Mon, 17 Oct 2005 21:03:32 -0400
From: Joey Hess <joeyh at debian.org>
To: Jamie Heilman <jamie at audible.transient.net>,
196590-done at bugs.debian.org
Subject: adding correct version fixed information again
Message-ID: <20051018010332.GA26708 at kitenet.net>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="FCuugMFkClbJLl1L"
Content-Disposition: inline
User-Agent: Mutt/1.5.11
Delivered-To: 196590-done at bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-3.0 required=4.0 tests=BAYES_00 autolearn=no
version=2.60-bugs.debian.org_2005_01_02
--FCuugMFkClbJLl1L
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Version: 2.6.4-1.8
> > It has been marked as closed by one of the developers, namely
> > Joey Hess <joeyh at debian.org>.
>=20
> Again, please leave this bug open until Woody is deprecated by the
> security team and all bets are officially off. It affects Woody's
> zope, it has not been fixed in Woody, nor will it be, and it was
> tagged appropriately. Thanks.
This bug does not apply to the version of zope in unstable, therefore it is
completly approprite to add information to the bug tracking system to that
effect. Reopening this bug as you have done just removes that correct
information from the BTS.=20
Please familiaririse yourself with all recent changes to the BTS before
replying to this email or removing state from the BTS again.
--=20
see shy jo
--FCuugMFkClbJLl1L
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFDVEnjd8HHehbQuO8RAqS/AJ9rTjUYawphS02J8At3ycF9QoSkxwCgu1pS
bKkFq+vjW8PNWVh6FIMsIis=
=QVV2
-----END PGP SIGNATURE-----
--FCuugMFkClbJLl1L--
More information about the Pkg-zope-developers
mailing list