| 2010-02-02 12:04:30 |
Ante Karamatić |
bug |
|
|
added bug |
| 2010-02-04 21:11:13 |
Martin Pitt |
libesmtp (Ubuntu): status |
New |
Fix Committed |
|
| 2010-03-03 21:44:36 |
Kees Cook |
cve linked |
|
2009-2408 |
|
| 2010-03-03 21:44:48 |
Kees Cook |
libesmtp (Ubuntu): status |
Fix Committed |
Incomplete |
|
| 2010-03-03 21:57:24 |
Kees Cook |
bug watch added |
|
https://bugzilla.redhat.com/show_bug.cgi?id=510202 |
|
| 2010-03-20 15:21:44 |
Micha Lenk |
bug watch added |
|
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=572960 |
|
| 2010-03-20 15:21:44 |
Micha Lenk |
bug task added |
|
libesmtp (Debian) |
|
| 2010-03-20 15:29:41 |
Micha Lenk |
summary |
[MIR] libesmtp |
libesmtp does not check NULL bytes in commonNames of certificates |
|
| 2010-03-20 15:30:18 |
Micha Lenk |
summary |
libesmtp does not check NULL bytes in commonNames of certificates |
libesmtp does not check NULL bytes in commonNames of certificates (variant of CVE-2009-2408) |
|
| 2010-04-01 00:34:01 |
Bug Watch Updater |
libesmtp (Debian): status |
Unknown |
New |
|
| 2010-05-28 01:28:46 |
Alexander Sack |
summary |
libesmtp does not check NULL bytes in commonNames of certificates (variant of CVE-2009-2408) |
MIR fallout: libesmtp does not check NULL bytes in commonNames of certificates (variant of CVE-2009-2408) |
|
| 2010-07-13 04:01:22 |
Bug Watch Updater |
libesmtp (Debian): status |
New |
Confirmed |
|
| 2010-07-21 08:45:48 |
Bug Watch Updater |
libesmtp (Debian): status |
Confirmed |
Fix Released |
|
| 2010-07-27 21:49:09 |
Andres Rodriguez |
summary |
MIR fallout: libesmtp does not check NULL bytes in commonNames of certificates (variant of CVE-2009-2408) |
[MIR] libesmtp |
|
| 2010-07-27 21:52:08 |
Andres Rodriguez |
description |
1. Availability: amd64, armel, i386, ia64, powerpc, sparc
2. Rationale: The package helps meet https://blueprints.edge.launchpad.net/ubuntu/+spec/server-lucid-cluster-stack blueprint goal. Needed binary packages are libesmtp5 and libesmtp-dev.
3. Security: 1 old CVE: CVE-2002-1090
4. QA: 1 openssl/gnutls related bug in Debian, no bugs in Ubuntu. Upstream's last release was in 2005. URL: http://www.stafford.uklinux.net/libesmtp/
5. UI standards: none
6. Dependencies: all in main
7. Standards: no lintian warnings. Package is packaged with debhelper and uses custom developed patch system.
8. Maintenance: simple package, syncs should be enough (there were no Ubuntu changes in package history)
9. Background information: this package is one of dependencies for new cluster stack in Ubuntu. |
1. Availability: amd64, armel, i386, ia64, powerpc, sparc
2. Rationale: The package helps meet https://blueprints.edge.launchpad.net/ubuntu/+spec/server-maverick-clusterstack blueprint goal. Needed binary packages are libesmtp5 and libesmtp-dev.
3. Security: No CVEs.
Recent fix of "not check NULL bytes in commonNames of certificates" was issued in debian and already syncing into Ubuntu.
4. QA: 1 openssl/gnutls related bug in Debian, no bugs in Ubuntu. Upstream's last release was in 2005. URL: http://www.stafford.uklinux.net/libesmtp/
5. UI standards: none
6. Dependencies: all in main
7. Standards: no lintian warnings. Package is packaged with debhelper and uses custom developed patch system.
8. Maintenance: simple package, syncs should be enough (there were no Ubuntu changes in package history)
9. Background information: this package is one of dependencies for new cluster stack in Ubuntu.
|
|
| 2010-07-27 21:52:14 |
Andres Rodriguez |
libesmtp (Ubuntu): status |
Incomplete |
New |
|
| 2010-07-27 21:53:34 |
Andres Rodriguez |
libesmtp (Ubuntu): importance |
Undecided |
Wishlist |
|
| 2010-08-06 19:15:15 |
Kees Cook |
libesmtp (Ubuntu): status |
New |
In Progress |
|
| 2010-09-06 09:10:09 |
Colin Watson |
libesmtp (Ubuntu): status |
In Progress |
Fix Released |
|
