Bug#591443: marked as done (CVE-2010-2799: Stack overflow by lexical scanning of nested character patterns)

[Debian Bug Tracking System]

Your message dated Tue, 03 Aug 2010 09:10:48 +0000
with message-id <e1ogdwk-0007gy...@franck.debian.org>
and subject line Bug#591443: fixed in socat 1.7.1.3-1
has caused the Debian Bug report #591443,
regarding CVE-2010-2799: Stack overflow by lexical scanning of nested character 
patterns
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
591443: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=591443
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Package: socat
Severity: grave
Tags: security

This is CVE-2010-2799:
http://www.dest-unreach.org/socat/contrib/socat-secadv2.html

Cheers,
        Moritz

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 2.6.32-5-686 (SMP w/1 CPU core)
Locale: LANG=C, lc_ctype=de_de.iso-8859...@euro (charmap=ISO-8859-15)
Shell: /bin/sh linked to /bin/bash

Versions of packages socat depends on:
ii  libc6                         2.11.2-2   Embedded GNU C Library: Shared lib
ii  libreadline5                  5.2-7      GNU readline and history libraries
ii  libssl0.9.8                   0.9.8o-1   SSL shared libraries
ii  libwrap0                      7.6.q-19   Wietse Venema's TCP wrappers libra

socat recommends no packages.

socat suggests no packages.

--- End Message ---

--- Begin Message ---

Source: socat
Source-Version: 1.7.1.3-1

We believe that the bug you reported is fixed in the latest version of
socat, which is due to be installed in the Debian FTP archive:

socat_1.7.1.3-1.debian.tar.gz
  to main/s/socat/socat_1.7.1.3-1.debian.tar.gz
socat_1.7.1.3-1.dsc
  to main/s/socat/socat_1.7.1.3-1.dsc
socat_1.7.1.3-1_amd64.deb
  to main/s/socat/socat_1.7.1.3-1_amd64.deb
socat_1.7.1.3.orig.tar.gz
  to main/s/socat/socat_1.7.1.3.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 591...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Chris Taylor <ctay...@debian.org> (supplier of updated socat package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Tue, 03 Aug 2010 06:07:55 +0000
Source: socat
Binary: socat
Architecture: source amd64
Version: 1.7.1.3-1
Distribution: unstable
Urgency: low
Maintainer: Chris Taylor <ctay...@debian.org>
Changed-By: Chris Taylor <ctay...@debian.org>
Description: 
 socat      - multipurpose relay for bidirectional data transfer
Closes: 591443
Changes: 
 socat (1.7.1.3-1) unstable; urgency=low
 .
   * New upstream release.
   * Upstream release fixes CVE-2010-2799 (Closes: #591443)
   * Bump Standards-Version.
Checksums-Sha1: 
 f369054ab1ab001949f6797612b7f7c9687db00c 1071 socat_1.7.1.3-1.dsc
 5a42275da0d8a5182452b36535a74c3cdf21793b 553489 socat_1.7.1.3.orig.tar.gz
 f8c0a36b0dc3bf1bd97ae6f2e401740017fd2a39 11542 socat_1.7.1.3-1.debian.tar.gz
 e57472ed39fff8a167e1a8037b1b2d801b8d95ae 381808 socat_1.7.1.3-1_amd64.deb
Checksums-Sha256: 
 be271e001adbb49ee0fafa8f552cea0ea7b5a911d2556e9d7251618307c0a392 1071 
socat_1.7.1.3-1.dsc
 d6c2e6cae5e790c5fd875c19818c1be14234afe5a137fd78663cb85f828c4976 553489 
socat_1.7.1.3.orig.tar.gz
 599906b9fa279af849685389b5ad4a0deeccebccd67779d8a44be0f2fb6a41c2 11542 
socat_1.7.1.3-1.debian.tar.gz
 922ef17b21d0181657597608ad791100145247eaf250ed8ea16213fcb68c6325 381808 
socat_1.7.1.3-1_amd64.deb
Files: 
 a3fbc3fb952c7c72fc3c77d977bee71e 1071 net extra socat_1.7.1.3-1.dsc
 f5cd212c511725864c4b5e08a22d3366 553489 net extra socat_1.7.1.3.orig.tar.gz
 228bd27c944b8fc7d925d013fb572cfa 11542 net extra socat_1.7.1.3-1.debian.tar.gz
 2257d22ba3cd8effa155b1b9305564f7 381808 net extra socat_1.7.1.3-1_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAkxXtvgACgkQLpNUoan9SCG64wCeOcoYZ6f5UQxItyTK46HQW4xm
bUkAn3XRtbFiWFbaDRnNNgGJKIWSn0EK
=eDaq
-----END PGP SIGNATURE-----

--- End Message ---