Your message dated Wed, 6 Jul 2005 16:04:56 +0100
with message-id <[EMAIL PROTECTED]>
and subject line Bug#317133: zlib1g: [CAN-2005-2096] buffer overflow in
decompressor
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 6 Jul 2005 14:34:38 +0000
>From [EMAIL PROTECTED] Wed Jul 06 07:34:38 2005
Return-path: <[EMAIL PROTECTED]>
Received: from mail.enyo.de [212.9.189.167]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DqAz0-00051W-00; Wed, 06 Jul 2005 07:34:38 -0700
Received: from deneb.vpn.enyo.de ([212.9.189.177] helo=deneb.enyo.de)
by albireo.enyo.de with esmtp id 1DqAyx-0006B0-S9
for [EMAIL PROTECTED]; Wed, 06 Jul 2005 16:34:35 +0200
Received: from fw by deneb.enyo.de with local (Exim 4.52)
id 1DqAyv-00031X-EM; Wed, 06 Jul 2005 16:34:33 +0200
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Florian Weimer <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: zlib1g: [CAN-2005-2096] buffer overflow in decompressor
X-Mailer: reportbug 3.15
Date: Wed, 06 Jul 2005 16:34:33 +0200
Message-Id: <[EMAIL PROTECTED]>
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
Package: zlib1g
Version: 1:1.2.2-5
Severity: grave
Tags: security
Justification: user security hole
FreeBSD has just released an advisory on a buffer overflow in the zlib
decompression routine. Their patch is expected to appear under:
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-05:16/zlib.patch
The Debian security team apparently has more information.
---------------------------------------
Received: (at 317133-done) by bugs.debian.org; 6 Jul 2005 15:05:06 +0000
>From [EMAIL PROTECTED] Wed Jul 06 08:05:03 2005
Return-path: <[EMAIL PROTECTED]>
Received: from kerouac.projectcolo.org.uk [80.71.3.114]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DqBSP-0005pg-00; Wed, 06 Jul 2005 08:05:01 -0700
Received: from localhost (localhost [127.0.0.1])
by kerouac.projectcolo.org.uk (Postfix) with ESMTP id 1BE7679FB7
for <[EMAIL PROTECTED]>; Wed, 6 Jul 2005 16:04:57 +0100 (BST)
Received: from kerouac.projectcolo.org.uk ([127.0.0.1])
by localhost (kerouac [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id 08619-05 for <[EMAIL PROTECTED]>;
Wed, 6 Jul 2005 16:04:56 +0100 (BST)
Received: by kerouac.projectcolo.org.uk (Postfix, from userid 10003)
id A052079D7C; Wed, 6 Jul 2005 16:04:56 +0100 (BST)
Date: Wed, 6 Jul 2005 16:04:56 +0100
From: Mark Brown <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Re: Bug#317133: zlib1g: [CAN-2005-2096] buffer overflow in decompressor
Message-ID: <[EMAIL PROTECTED]>
References: <[EMAIL PROTECTED]>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <[EMAIL PROTECTED]>
User-Agent: Mutt/1.3.28i
X-Cookie: Absence makes the heart go wander.
X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at projectcolo.org.uk
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
On Wed, Jul 06, 2005 at 04:34:33PM +0200, Florian Weimer wrote:
> FreeBSD has just released an advisory on a buffer overflow in the zlib
> decompression routine. Their patch is expected to appear under:
Fixed packages have already been uploaded to unstable and a DSA issued.
--
"You grabbed my hand and we fell into it, like a daydream - or a fever."
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
