Your message dated Sun, 30 Mar 2014 17:59:33 +0300
with message-id <20140330145933.ga12...@kludge.henri.nerv.fi>
and subject line closing
has caused the Debian Bug report #688331,
regarding boost1.42: CVE-2012-2677
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
688331: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688331
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: boost1.42
Severity: grave
Tags: security patch
Justification: user security hole
This is done in unstable, but not in stable up to now so:
Please see
http://kqueue.org/blog/2012/03/05/memory-allocator-security-revisited/
The upstream fix and a test case is available here:
https://svn.boost.org/trac/boost/changeset/78326
(Copied from #677197)
cu
AW
-- System Information:
Debian Release: 6.0.5
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable'), (50, 'proposed-updates')
Architecture: i386 (i686)
Kernel: Linux 2.6.32-5-686 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=de_DE (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/dash
--- End Message ---
--- Begin Message ---
Closing as wontfix. Please reopen if needed. For more information please see
https://security-tracker.debian.org/tracker/CVE-2012-2677
---
Henri Salo
signature.asc
Description: Digital signature
--- End Message ---
