Your message dated Wed, 30 Jan 2013 21:02:07 +0000
with message-id <e1u0enh-00074a...@franck.debian.org>
and subject line Bug#695614: fixed in snack 2.2.10-dfsg1-9+squeeze1
has caused the Debian Bug report #695614,
regarding CVE-2012-6303: buffer overflows
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
695614: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695614
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: snack
Severity: important
Tags: security
Hi,
the following vulnerability was published for snack.
CVE-2012-6303[0]:
WaveSurfer and Snack Sound Toolkit buffer overflows
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6303
http://security-tracker.debian.org/tracker/CVE-2012-6303
[1] http://www.openwall.com/lists/oss-security/2012/12/10/2
Please adjust the affected versions in the BTS as needed.
p.s.: I haven't done further investigation, only reporting/forwarding
from oss-security mailinglist.
Regards,
Salvatore
signature.asc
Description: Digital signature
--- End Message ---
--- Begin Message ---
Source: snack
Source-Version: 2.2.10-dfsg1-9+squeeze1
We believe that the bug you reported is fixed in the latest version of
snack, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 695...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Sergei Golovan <sgolo...@debian.org> (supplier of updated snack package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Thu, 29 Oct 2009 21:58:50 +0300
Source: snack
Binary: libsnack2 libsnack2-alsa python-tksnack libsnack2-dev libsnack2-doc
Architecture: source i386 all
Version: 2.2.10-dfsg1-9+squeeze1
Distribution: stable
Urgency: low
Maintainer: Sergei Golovan <sgolo...@debian.org>
Changed-By: Sergei Golovan <sgolo...@debian.org>
Description:
libsnack2 - Sound extension to Tcl/Tk and Python/Tkinter - Tcl/Tk library
libsnack2-alsa - Sound extension to Tcl/Tk and Python/Tkinter - Tcl/Tk library
libsnack2-dev - Sound extension to Tcl/Tk and Python/Tkinter - development
files
libsnack2-doc - Sound extension to Tcl/Tk and Python/Tkinter - documentation
python-tksnack - Sound extension to Tcl/Tk and Python/Tkinter - Python library
Closes: 695614
Changes:
snack (2.2.10-dfsg1-9+squeeze1) stable; urgency=low
.
* Included patch by Michael Karcher to fix CVE-2012-6303 (closes: #695614).
Checksums-Sha1:
45a301b74c5fdf69bd74bba9ac873cceaf97680c 1265 snack_2.2.10-dfsg1-9+squeeze1.dsc
7272b114a8feb717fce380da5018042c67cd5620 8326
snack_2.2.10-dfsg1-9+squeeze1.diff.gz
e3743eafa7fd033f92d54850ccdcca3fce4694f2 366576
libsnack2_2.2.10-dfsg1-9+squeeze1_i386.deb
5e15cc2f68fc6ebb31e59b66b1f0c98c7b78dae8 58652
libsnack2-dev_2.2.10-dfsg1-9+squeeze1_i386.deb
48282a55aa75e422f69cbbed33eec1ecc5db4419 359500
libsnack2-alsa_2.2.10-dfsg1-9+squeeze1_i386.deb
d9f07ca696604cbf3ebcfc57b92c1869b60e16b0 32796
python-tksnack_2.2.10-dfsg1-9+squeeze1_all.deb
7c2dda2f00ed344da432bccd4af7c89307f6f36e 223076
libsnack2-doc_2.2.10-dfsg1-9+squeeze1_all.deb
Checksums-Sha256:
b4334f17d13d168cb6ac6847d5b665bafe2cd497146808bdc4af06b2ba7a2ce6 1265
snack_2.2.10-dfsg1-9+squeeze1.dsc
86f9ae2fa71d66187058c511a9a4caab0831856d641997dec303170d381a8091 8326
snack_2.2.10-dfsg1-9+squeeze1.diff.gz
569804ad04bcc2647bcf3ce4441e34c34a5b2cacd051836725b40f9698dd6189 366576
libsnack2_2.2.10-dfsg1-9+squeeze1_i386.deb
6f81f4ab24e3c66ca958afa804fcb3290f72835b2e7ccbc12046d17a4fabf5b9 58652
libsnack2-dev_2.2.10-dfsg1-9+squeeze1_i386.deb
76db158f730fea303d1dccc51946488c3437baad9474d8115b2c7bc531109285 359500
libsnack2-alsa_2.2.10-dfsg1-9+squeeze1_i386.deb
14915d0dcf4402ffd16b15451250be5c8109d415a4821ecbd035394110e5649e 32796
python-tksnack_2.2.10-dfsg1-9+squeeze1_all.deb
5d09b569c7799892e1603d57c87a903099daecd58629cbea51e6e4f5f1fab3dd 223076
libsnack2-doc_2.2.10-dfsg1-9+squeeze1_all.deb
Files:
4df58757105754079f59d5008d2ed2ad 1265 sound optional
snack_2.2.10-dfsg1-9+squeeze1.dsc
fb5d47f81d349f7684f576e36e7766f4 8326 sound optional
snack_2.2.10-dfsg1-9+squeeze1.diff.gz
4b3ce03f1ffdad5e9bd3e963a4142dc2 366576 libs optional
libsnack2_2.2.10-dfsg1-9+squeeze1_i386.deb
eb0d73e4862d7fdf73836074eaeb2908 58652 libdevel optional
libsnack2-dev_2.2.10-dfsg1-9+squeeze1_i386.deb
20ff666e3f2689ac2067592d33706780 359500 libs optional
libsnack2-alsa_2.2.10-dfsg1-9+squeeze1_i386.deb
1d28ec48477762e9c14fb98f6bfabf6a 32796 python optional
python-tksnack_2.2.10-dfsg1-9+squeeze1_all.deb
936373a38ed052b3984dc647c7a140ae 223076 doc optional
libsnack2-doc_2.2.10-dfsg1-9+squeeze1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iD8DBQFRCLr6IcdH02pGEFIRAoyWAJ9WzlByoeYU4XBz7DAYaoV7g0hDMgCfb2cR
o5OBy8onYqz2httrZgiTLgM=
=Yjx4
-----END PGP SIGNATURE-----
--- End Message ---
