Your message dated Tue, 22 Apr 2014 15:35:44 +0000 with message-id <e1wccjy-0003uz...@franck.debian.org> and subject line Bug#743960: fixed in jbigkit 2.0-2.1 has caused the Debian Bug report #743960, regarding jbigkit: CVE-2013-6369: stack-based buffer overflow flaw to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 743960: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=743960 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: jbigkit Version: 2.0-2 Severity: grave Tags: security upstream patch fixed-upstream Hi, the following vulnerability was published for jbigkit. CVE-2013-6369[0]: stack-based buffer overflow flaw If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6369 https://security-tracker.debian.org/tracker/CVE-2013-6369 [1] https://bugzilla.redhat.com/show_bug.cgi?id=1032273 where [1] also contains an isolated patch for jbigkit. Regards, Salvatore
--- End Message ---
--- Begin Message ---Source: jbigkit Source-Version: 2.0-2.1 We believe that the bug you reported is fixed in the latest version of jbigkit, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 743...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Salvatore Bonaccorso <car...@debian.org> (supplier of updated jbigkit package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 20 Apr 2014 16:37:42 +0200 Source: jbigkit Binary: jbigkit-bin libjbig-dev libjbig0 Architecture: source amd64 Version: 2.0-2.1 Distribution: unstable Urgency: medium Maintainer: Michael van der Kolff <mvanderko...@gmail.com> Changed-By: Salvatore Bonaccorso <car...@debian.org> Description: jbigkit-bin - JBIGkit binaries libjbig-dev - JBIGkit development files libjbig0 - JBIGkit libraries Closes: 743960 Changes: jbigkit (2.0-2.1) unstable; urgency=medium . * Non-maintainer upload. * Add CVE-2013-6369.patch patch. CVE-2013-6369: Fix stack-based buffer overflow flaw. (Closes: #743960) Checksums-Sha1: 4aeff5a3a52881448243c0db94737c2fd3c67822 1916 jbigkit_2.0-2.1.dsc 4973084244b03252775fc0ab5616af4560521d32 6832 jbigkit_2.0-2.1.debian.tar.xz 8ca970e9a4f9d5d28c50b77eb3a1071fa575586f 27232 jbigkit-bin_2.0-2.1_amd64.deb b9134f037c185b0a3498d48da1acad34090af955 10628 libjbig-dev_2.0-2.1_amd64.deb 5377c47758d71ee4db96e11de6bbb0055af05c51 29302 libjbig0_2.0-2.1_amd64.deb Checksums-Sha256: 51408e93ef6234651caffbb0d6ce1b5d6a970c8d4d9e6c879339e7a2353bbf66 1916 jbigkit_2.0-2.1.dsc e9299062b9663e31eaccfb25c10af465ae46bcd103f3a3ce240bec818190cbac 6832 jbigkit_2.0-2.1.debian.tar.xz b41d2b4b30a3a4d4247d09e8217cb506c98c4c0290fe319ac7f2bbc4c08c128f 27232 jbigkit-bin_2.0-2.1_amd64.deb e5af65385b40a7dabb4757b7077e516d83fec38c087021b1c599284849a1834c 10628 libjbig-dev_2.0-2.1_amd64.deb 2c3aec764f13833a01c9a0ad56310298d1c333766a28d516f30da12032e2662b 29302 libjbig0_2.0-2.1_amd64.deb Files: 3d1a8d130c1512c0eb76ef32f60962ff 1916 libs extra jbigkit_2.0-2.1.dsc 994fbc25afd599ff10b07928d0792e3d 6832 libs extra jbigkit_2.0-2.1.debian.tar.xz 26743198cb51c8f309f0b60aec25c5bf 27232 graphics extra jbigkit-bin_2.0-2.1_amd64.deb 0fb696b04be2e822bb917942a4166508 10628 libdevel extra libjbig-dev_2.0-2.1_amd64.deb f788357dd60b5408ea99e7c54be54d18 29302 libs extra libjbig0_2.0-2.1_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJTU9xEAAoJEAVMuPMTQ89EeWgP/0WH/SvOXBhxwxy1/7x/UX/h fJvOBTZbVMiX5/U23LA2BseUxkSKKknmO+ovSUuChcYxQZHOFW2STf5BcC4Cwogt z7qBFDQ6oXrWM5MjqCpBizIDC/GJf+Y8ViE/2lOtGIRhVD6QyW6/WLAkmPzmFtso vlCM4QZvYWqgjB72HyeCF7p+p5shj+qJBhJPogdhvHM9xGAX0DqYXWc9AWwmhIIN PLyBK9bgTCXyFsKkojP2lASNLyL9D4vKe4c5irqTpgn9xOKu12nnuC/1WC+TiBjU mnPUHof/yBtx3Khi933k+vH4ddJ6z8Ca2pH5OR+2WLfZO6PzdbuKyFSjuosVwCyX 0HIBKqE6ncv2hhkjiGSrWKLuSNR3pYSI7rCKNOedWntRJ5ql9QCxjOTgs0eNu/o+ 9N0XqunfB1BWMWaJ1UmLyqoFrqsQc/PNzhheAuZKFjFbcMmMIPa3PF8lCftsmmZE Aq5UHwSYaP/AePYEN1xeBa057o34C5E2SDMcx19k17NpjUhu3PbV/D+wmVjevykn I8LBJ1hJ7p30Q2bFs7Sa6KE9cKX0vkcwbCspa4WI80lst5VK/knuEWySvI5p81NX HC0quCS9w2CgM7hBw+0InH8aORU0MCJFvXUE1QRExX47vY9Bf8PMrDrdIBKksBjt wchi7a9Yb7UJs/VCGeMx =qJR8 -----END PGP SIGNATURE-----
--- End Message ---
