Debian Bug report logs - #499534
twiki: Remote code execution vulerability.

version graph

Package: twiki; Maintainer for twiki is (unknown);

Reported by: Brad Krane <bjkrane@feds.uwaterloo.ca>

Date: Fri, 19 Sep 2008 14:51:01 UTC

Severity: important

Tags: security

Found in version twiki/1:4.0.5-9.1

Fixed in version twiki/1:4.1.2-5

Done: Sven Dowideit <SvenDowideit@DistributedINFORMATION.com>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, Debian Security Team <team@security.debian.org>, Sven Dowideit <svenud@ozemail.com.au>:
Bug#499534; Package twiki. (Fri, 19 Sep 2008 14:51:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Brad Krane <bjkrane@feds.uwaterloo.ca>:
New Bug report received and forwarded. Copy sent to Debian Security Team <team@security.debian.org>, Sven Dowideit <svenud@ozemail.com.au>. (Fri, 19 Sep 2008 14:51:04 GMT) Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Brad Krane <bjkrane@feds.uwaterloo.ca>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: twiki: Remote code execution vulerability.
Date: Fri, 19 Sep 2008 10:47:20 -0400
Package: twiki
Version: 1:4.0.5-9.1
Severity: grave
Tags: security
Justification: user security hole


TWiki command execution vulnerability found in current version. US-CERT Vulnerability Note: 
http://www.kb.cert.org/vuls/id/362012 and TWiki Security Alert: 
http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2008-3195


-- System Information:
Debian Release: 4.0
  APT prefers oldstable
  APT policy: (500, 'oldstable'), (500, 'stable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-6-686
Locale: LANG=en_CA, LC_CTYPE=en_CA (charmap=ISO-8859-1)

Versions of packages twiki depends on:
ii  apache-common           1.3.34-4.1+etch1 support files for all Apache webse
ii  debconf [debconf-2.0]   1.5.11etch2      Debian configuration management sy
ii  libalgorithm-diff-perl  1.19.01-2        a perl library for finding Longest
ii  libcgi-session-perl     4.14-1           Persistent session data in CGI app
ii  libdigest-sha1-perl     2.11-1           NIST SHA-1 message digest algorith
ii  liberror-perl           0.15-8           Perl module for error/exception ha
ii  libhtml-parser-perl     3.55-1           A collection of modules that parse
ii  liblocale-maketext-lexi 0.62-1           Lexicon-handling backends for "Loc
ii  libtext-diff-perl       0.35-2           Perform diffs on files and record 
ii  liburi-perl             1.35-2           Manipulates and accesses URI strin
ii  perl [libmime-base64-pe 5.8.8-7etch3     Larry Wall's Practical Extraction 
ii  perl-modules [libnet-pe 5.8.8-7etch3     Core Perl modules
ii  rcs                     5.7-18           The GNU Revision Control System

twiki recommends no packages.

-- debconf information excluded




Information forwarded to debian-bugs-dist@lists.debian.org, Sven Dowideit <svenud@ozemail.com.au>:
Bug#499534; Package twiki. (Fri, 19 Sep 2008 18:45:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Nico Golde <nion@debian.org>:
Extra info received and forwarded to list. Copy sent to Sven Dowideit <svenud@ozemail.com.au>. (Fri, 19 Sep 2008 18:45:03 GMT) Full text and rfc822 format available.

Message #10 received at 499534@bugs.debian.org (full text, mbox):

From: Nico Golde <nion@debian.org>
To: Brad Krane <bjkrane@feds.uwaterloo.ca>, 499534@bugs.debian.org
Cc: control@bugs.debian.org
Subject: Re: Bug#499534: twiki: Remote code execution vulerability.
Date: Fri, 19 Sep 2008 20:44:15 +0200
[Message part 1 (text/plain, inline)]
severity 499534 important
thanks

Hi Brad,
* Brad Krane <bjkrane@feds.uwaterloo.ca> [2008-09-19 19:18]:
> TWiki command execution vulnerability found in current version. US-CERT Vulnerability Note: 
> http://www.kb.cert.org/vuls/id/362012 and TWiki Security Alert: 
> http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2008-3195

Downgrading as the access to this script is limited to 
localhost on Debian.

Cheers
Nico
-- 
Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
[Message part 2 (application/pgp-signature, inline)]

Severity set to `important' from `grave' Request was from Nico Golde <nion@debian.org> to control@bugs.debian.org. (Fri, 19 Sep 2008 18:45:05 GMT) Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Sven Dowideit <svenud@ozemail.com.au>:
Bug#499534; Package twiki. (Sat, 20 Sep 2008 01:09:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Sven Dowideit <SvenDowideit@home.org.au>:
Extra info received and forwarded to list. Copy sent to Sven Dowideit <svenud@ozemail.com.au>. (Sat, 20 Sep 2008 01:09:03 GMT) Full text and rfc822 format available.

Message #17 received at submit@bugs.debian.org (full text, mbox):

From: Sven Dowideit <SvenDowideit@home.org.au>
To: Brad Krane <bjkrane@feds.uwaterloo.ca>, 499534@bugs.debian.org
Cc: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Re: Bug#499534: twiki: Remote code execution vulerability.
Date: Sat, 20 Sep 2008 08:40:02 +1000
This is _not_ a grave severity issue in the debian package, specifically
because configure (as mentioned in the advisory) is locked down using
apache to
   1 localhost
   2 an admin user that is created by the installer.

Sven

Brad Krane wrote:
> Package: twiki
> Version: 1:4.0.5-9.1
> Severity: grave
> Tags: security
> Justification: user security hole
> 
> 
> TWiki command execution vulnerability found in current version. US-CERT Vulnerability Note: 
> http://www.kb.cert.org/vuls/id/362012 and TWiki Security Alert: 
> http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2008-3195
> 
> 
> -- System Information:
> Debian Release: 4.0
>   APT prefers oldstable
>   APT policy: (500, 'oldstable'), (500, 'stable')
> Architecture: i386 (i686)
> Shell:  /bin/sh linked to /bin/bash
> Kernel: Linux 2.6.18-6-686
> Locale: LANG=en_CA, LC_CTYPE=en_CA (charmap=ISO-8859-1)
> 
> Versions of packages twiki depends on:
> ii  apache-common           1.3.34-4.1+etch1 support files for all Apache webse
> ii  debconf [debconf-2.0]   1.5.11etch2      Debian configuration management sy
> ii  libalgorithm-diff-perl  1.19.01-2        a perl library for finding Longest
> ii  libcgi-session-perl     4.14-1           Persistent session data in CGI app
> ii  libdigest-sha1-perl     2.11-1           NIST SHA-1 message digest algorith
> ii  liberror-perl           0.15-8           Perl module for error/exception ha
> ii  libhtml-parser-perl     3.55-1           A collection of modules that parse
> ii  liblocale-maketext-lexi 0.62-1           Lexicon-handling backends for "Loc
> ii  libtext-diff-perl       0.35-2           Perform diffs on files and record 
> ii  liburi-perl             1.35-2           Manipulates and accesses URI strin
> ii  perl [libmime-base64-pe 5.8.8-7etch3     Larry Wall's Practical Extraction 
> ii  perl-modules [libnet-pe 5.8.8-7etch3     Core Perl modules
> ii  rcs                     5.7-18           The GNU Revision Control System
> 
> twiki recommends no packages.
> 
> -- debconf information excluded
> 

-- 
Consulting wiki Engineer
Sven Dowideit - http://fosiki.com
A WikiRing Partner - http://wikiring.com
Public key -
http://pgp.mit.edu:11371/pks/lookup?search=Sven+Dowideit&op=index&exact=on




Information forwarded to debian-bugs-dist@lists.debian.org, Sven Dowideit <svenud@ozemail.com.au>:
Bug#499534; Package twiki. (Sat, 20 Sep 2008 01:09:07 GMT) Full text and rfc822 format available.

Acknowledgement sent to Sven Dowideit <SvenDowideit@home.org.au>:
Extra info received and forwarded to list. Copy sent to Sven Dowideit <svenud@ozemail.com.au>. (Sat, 20 Sep 2008 01:09:08 GMT) Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Sven Dowideit <svenud@ozemail.com.au>:
Bug#499534; Package twiki. (Sat, 20 Sep 2008 08:57:14 GMT) Full text and rfc822 format available.

Acknowledgement sent to Olivier Berger <olivier.berger@it-sudparis.eu>:
Extra info received and forwarded to list. Copy sent to Sven Dowideit <svenud@ozemail.com.au>. (Sat, 20 Sep 2008 08:57:14 GMT) Full text and rfc822 format available.

Message #27 received at 499534@bugs.debian.org (full text, mbox):

From: Olivier Berger <olivier.berger@it-sudparis.eu>
To: 499534@bugs.debian.org
Subject: Re: Bug#499534: twiki: Remote code execution vulerability.
Date: Sat, 20 Sep 2008 10:32:41 +0200
On Sat, Sep 20, 2008 at 08:40:02AM +1000, Sven Dowideit wrote:
> This is _not_ a grave severity issue in the debian package, specifically
> because configure (as mentioned in the advisory) is locked down using
> apache to
>    1 localhost
>    2 an admin user that is created by the installer.
> 

... well, at least for version in lenny (4.1.2-4), since we have fixed #485562 previously (I'm glad we did, then ;).

Just my 2 cents.

Best regards,




Information forwarded to debian-bugs-dist@lists.debian.org, Sven Dowideit <svenud@ozemail.com.au>:
Bug#499534; Package twiki. (Tue, 07 Oct 2008 12:42:02 GMT) Full text and rfc822 format available.

Acknowledgement sent to Nico Golde <nion@debian.org>:
Extra info received and forwarded to list. Copy sent to Sven Dowideit <svenud@ozemail.com.au>. (Tue, 07 Oct 2008 12:42:02 GMT) Full text and rfc822 format available.

Message #32 received at 499534@bugs.debian.org (full text, mbox):

From: Nico Golde <nion@debian.org>
To: 499534@bugs.debian.org
Subject: Re: Bug#499534: twiki: Remote code execution vulerability.
Date: Tue, 7 Oct 2008 14:38:31 +0200
Hi Sven,
* Olivier Berger <olivier.berger@it-sudparis.eu> [2008-09-20 12:30]:
> On Sat, Sep 20, 2008 at 08:40:02AM +1000, Sven Dowideit wrote:
> > This is _not_ a grave severity issue in the debian package, specifically
> > because configure (as mentioned in the advisory) is locked down using
> > apache to
> >    1 localhost
> >    2 an admin user that is created by the installer.
> > 
> 
> ... well, at least for version in lenny (4.1.2-4), since we have fixed #485562 previously (I'm glad we did, then ;).

It would be still nice if this could be fixed... even if 
this is not a grave issue.

Cheers
Nico
-- 
Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.




Information forwarded to debian-bugs-dist@lists.debian.org, Sven Dowideit <svenud@ozemail.com.au>:
Bug#499534; Package twiki. (Thu, 06 Nov 2008 22:00:02 GMT) Full text and rfc822 format available.

Acknowledgement sent to Moritz Muehlenhoff <jmm@inutil.org>:
Extra info received and forwarded to list. Copy sent to Sven Dowideit <svenud@ozemail.com.au>. (Thu, 06 Nov 2008 22:00:02 GMT) Full text and rfc822 format available.

Message #37 received at 499534@bugs.debian.org (full text, mbox):

From: Moritz Muehlenhoff <jmm@inutil.org>
To: Nico Golde <nion@debian.org>
Cc: 499534@bugs.debian.org
Subject: Re: Bug#499534: twiki: Remote code execution vulerability.
Date: Thu, 6 Nov 2008 22:58:49 +0100
On Tue, Oct 07, 2008 at 02:38:31PM +0200, Nico Golde wrote:
> Hi Sven,
> * Olivier Berger <olivier.berger@it-sudparis.eu> [2008-09-20 12:30]:
> > On Sat, Sep 20, 2008 at 08:40:02AM +1000, Sven Dowideit wrote:
> > > This is _not_ a grave severity issue in the debian package, specifically
> > > because configure (as mentioned in the advisory) is locked down using
> > > apache to
> > >    1 localhost
> > >    2 an admin user that is created by the installer.
> > > 
> > 
> > ... well, at least for version in lenny (4.1.2-4), since we have fixed #485562 previously (I'm glad we did, then ;).
> 
> It would be still nice if this could be fixed... even if 
> this is not a grave issue.

Swen, what's the status for Lenny?

Cheers,
        Moritz




Information forwarded to debian-bugs-dist@lists.debian.org, Sven Dowideit <svenud@ozemail.com.au>:
Bug#499534; Package twiki. (Tue, 11 Nov 2008 23:57:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Sven Dowideit <SvenDowideit@fosiki.com>:
Extra info received and forwarded to list. Copy sent to Sven Dowideit <svenud@ozemail.com.au>. (Tue, 11 Nov 2008 23:57:03 GMT) Full text and rfc822 format available.

Message #42 received at 499534@bugs.debian.org (full text, mbox):

From: Sven Dowideit <SvenDowideit@fosiki.com>
To: Moritz Muehlenhoff <jmm@inutil.org>, 499534@bugs.debian.org
Cc: Nico Golde <nion@debian.org>
Subject: Re: Bug#499534: twiki: Remote code execution vulerability.
Date: Wed, 12 Nov 2008 10:55:10 +1100
oh crepe.

I thought we'd dealt with this already, but i was wrong.

looking into it - 4.1.2-5 here we come.

Sven
-- 
Consulting wiki Engineer
Sven Dowideit - http://fosiki.com
A WikiRing Partner - http://wikiring.com
Public key -
http://pgp.mit.edu:11371/pks/lookup?search=Sven+Dowideit&op=index&exact=on


Moritz Muehlenhoff wrote:
> On Tue, Oct 07, 2008 at 02:38:31PM +0200, Nico Golde wrote:
>> Hi Sven,
>> * Olivier Berger <olivier.berger@it-sudparis.eu> [2008-09-20 12:30]:
>>> On Sat, Sep 20, 2008 at 08:40:02AM +1000, Sven Dowideit wrote:
>>>> This is _not_ a grave severity issue in the debian package, specifically
>>>> because configure (as mentioned in the advisory) is locked down using
>>>> apache to
>>>>    1 localhost
>>>>    2 an admin user that is created by the installer.
>>>>
>>> ... well, at least for version in lenny (4.1.2-4), since we have fixed #485562 previously (I'm glad we did, then ;).
>> It would be still nice if this could be fixed... even if 
>> this is not a grave issue.
> 
> Swen, what's the status for Lenny?
> 
> Cheers,
>         Moritz
> 
> 




Information forwarded to debian-bugs-dist@lists.debian.org, Sven Dowideit <svenud@ozemail.com.au>:
Bug#499534; Package twiki. (Wed, 12 Nov 2008 01:03:02 GMT) Full text and rfc822 format available.

Acknowledgement sent to Sven Dowideit <SvenDowideit@fosiki.com>:
Extra info received and forwarded to list. Copy sent to Sven Dowideit <svenud@ozemail.com.au>. (Wed, 12 Nov 2008 01:03:02 GMT) Full text and rfc822 format available.

Message #47 received at 499534@bugs.debian.org (full text, mbox):

From: Sven Dowideit <SvenDowideit@fosiki.com>
To: Moritz Muehlenhoff <jmm@inutil.org>, 499534@bugs.debian.org, Ardo van Rangelrooij <ardo@ardolabs.com>
Cc: Nico Golde <nion@debian.org>
Subject: Re: Bug#499534: twiki: Remote code execution vulerability.
Date: Wed, 12 Nov 2008 11:57:07 +1100
I have uploaded an updated 4.1.2-5 with this and a few other things fixed.

I've emailed Ardo asking for sponsorship, but if he's not around, would
appreciate assistance :)

Sven
-- 
Consulting wiki Engineer
Sven Dowideit - http://fosiki.com
A WikiRing Partner - http://wikiring.com
Public key -
http://pgp.mit.edu:11371/pks/lookup?search=Sven+Dowideit&op=index&exact=on


Moritz Muehlenhoff wrote:
> On Tue, Oct 07, 2008 at 02:38:31PM +0200, Nico Golde wrote:
>> Hi Sven,
>> * Olivier Berger <olivier.berger@it-sudparis.eu> [2008-09-20 12:30]:
>>> On Sat, Sep 20, 2008 at 08:40:02AM +1000, Sven Dowideit wrote:
>>>> This is _not_ a grave severity issue in the debian package, specifically
>>>> because configure (as mentioned in the advisory) is locked down using
>>>> apache to
>>>>    1 localhost
>>>>    2 an admin user that is created by the installer.
>>>>
>>> ... well, at least for version in lenny (4.1.2-4), since we have fixed #485562 previously (I'm glad we did, then ;).
>> It would be still nice if this could be fixed... even if 
>> this is not a grave issue.
> 
> Swen, what's the status for Lenny?
> 
> Cheers,
>         Moritz
> 
> 




Information forwarded to debian-bugs-dist@lists.debian.org, Sven Dowideit <svenud@ozemail.com.au>:
Bug#499534; Package twiki. (Fri, 14 Nov 2008 14:33:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Ardo van Rangelrooij <ardo@ardolabs.com>:
Extra info received and forwarded to list. Copy sent to Sven Dowideit <svenud@ozemail.com.au>. (Fri, 14 Nov 2008 14:33:03 GMT) Full text and rfc822 format available.

Message #52 received at 499534@bugs.debian.org (full text, mbox):

From: Ardo van Rangelrooij <ardo@ardolabs.com>
To: Sven Dowideit <SvenDowideit@fosiki.com>, 499534@bugs.debian.org
Cc: Moritz Muehlenhoff <jmm@inutil.org>, Nico Golde <nion@debian.org>
Subject: Re: Bug#499534: twiki: Remote code execution vulerability.
Date: Fri, 14 Nov 2008 08:33:25 -0600
I'll upload it later today.

Thanks,
Ardo

Sven Dowideit wrote:
> I have uploaded an updated 4.1.2-5 with this and a few other things fixed.
> 
> I've emailed Ardo asking for sponsorship, but if he's not around, would
> appreciate assistance :)
> 
> Sven


-- 
Ardo van Rangelrooij                                     Debian XML/SGML Group
<ardo@debian.org>              <debian-xml-sgml-devel@lists.alioth.debian.org>
http://people.debian.org/~ardo/      http://debian-xml-sgml.alioth.debian.org/




Reply sent to Sven Dowideit <SvenDowideit@DistributedINFORMATION.com>:
You have taken responsibility. (Sat, 15 Nov 2008 06:03:16 GMT) Full text and rfc822 format available.

Notification sent to Brad Krane <bjkrane@feds.uwaterloo.ca>:
Bug acknowledged by developer. (Sat, 15 Nov 2008 06:03:17 GMT) Full text and rfc822 format available.

Message #57 received at 499534-close@bugs.debian.org (full text, mbox):

From: Sven Dowideit <SvenDowideit@DistributedINFORMATION.com>
To: 499534-close@bugs.debian.org
Subject: Bug#499534: fixed in twiki 1:4.1.2-5
Date: Sat, 15 Nov 2008 05:32:04 +0000
Source: twiki
Source-Version: 1:4.1.2-5

We believe that the bug you reported is fixed in the latest version of
twiki, which is due to be installed in the Debian FTP archive:

twiki_4.1.2-5.diff.gz
  to pool/main/t/twiki/twiki_4.1.2-5.diff.gz
twiki_4.1.2-5.dsc
  to pool/main/t/twiki/twiki_4.1.2-5.dsc
twiki_4.1.2-5_all.deb
  to pool/main/t/twiki/twiki_4.1.2-5_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 499534@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Sven Dowideit <SvenDowideit@DistributedINFORMATION.com> (supplier of updated twiki package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Wed, 12 Nov 2008 09:53:40 +0100
Source: twiki
Binary: twiki
Architecture: source all
Version: 1:4.1.2-5
Distribution: unstable
Urgency: emergency
Maintainer: Sven Dowideit <svenud@ozemail.com.au>
Changed-By: Sven Dowideit <SvenDowideit@DistributedINFORMATION.com>
Description: 
 twiki      - A Web Based Collaboration Platform
Closes: 464174 468159 472274 482321 492648 499534 502958
Changes: 
 twiki (1:4.1.2-5) unstable; urgency=emergency
 .
   * fix TemplateLogin passthrough sysopen (Closes: #468159)
   * Arbitrary Code Execution in Configure Script (CVE-2008-3195)
     - Closes: #499534
   * allow '-' for user & groupnames (Closes: #464174)
   * update Swedish strings for twiki debconf (Closes: #492648)
   * patch comments.tmpl to fix Comment plugin definitions (Closes: #502958)
   * remove optional mod-perl dependencies as it does not work yet
     - Closes: #482321
   * remove "uninitialized value" errors in TWiki.pm (Closes: #472274)
Checksums-Sha1: 
 52138473216a395aa8dd230a72be58bf289602e7 1074 twiki_4.1.2-5.dsc
 4788b36921eb5400f8df872a15cee9686b6a0e63 53787 twiki_4.1.2-5.diff.gz
 9daa5de6763de8da863d53c73af7c00087af930d 4687694 twiki_4.1.2-5_all.deb
Checksums-Sha256: 
 0de15d9009f62043c51b5cbf95d297360959457578bd75bd1fd6942a20798783 1074 twiki_4.1.2-5.dsc
 3c878a99ed1dd3e9e8ac24d157cbb48b7c499e2482e6260e7d5fea90132203fb 53787 twiki_4.1.2-5.diff.gz
 5367ed98ff6a7757747b10de890379785a3a3486861749648a6e34dc9351e477 4687694 twiki_4.1.2-5_all.deb
Files: 
 d79475d13d121d3b9ca4b3270e561880 1074 web optional twiki_4.1.2-5.dsc
 467036ec6ac184a356642ad12ee6986c 53787 web optional twiki_4.1.2-5.diff.gz
 f8f17eee808bf6b5758437f28a57b589 4687694 web optional twiki_4.1.2-5_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iQCVAwUBSR5bwT6XMRfcxSjpAQI/tQP/W1DkWdg8DpA4xliuxAICINB5D/hQL2Ek
1WI0J3jTSgckYb8q1VfZY3jaqk08r+e2NBb/469pBQd4Vuydf9eWPRFN+VN0lv7R
/8xoj39F1cd57pOaj2cBHMnR7+6V5weHJOYWU81zeuFTNcrXE1nrp8DV0+h2RhM/
CCdaLvLtOik=
=kEhN
-----END PGP SIGNATURE-----





Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Tue, 16 Dec 2008 07:26:31 GMT) Full text and rfc822 format available.

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Fri Apr 18 03:48:33 2014; Machine Name: buxtehude.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.