Your message dated Fri, 12 Dec 2014 12:03:55 +0000 with message-id <e1xzowt-0002pf...@franck.debian.org> and subject line Bug#772793: fixed in cpio 2.11+dfsg-3 has caused the Debian Bug report #772793, regarding cpio: CVE-2014-9112 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 772793: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=772793 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: cpio Severity: grave Tags: security Hi, please see http://seclists.org/fulldisclosure/2014/Nov/74 for the original report. Patches: http://git.savannah.gnu.org/cgit/cpio.git/commit/?id=746f3ff6 http://git.savannah.gnu.org/cgit/cpio.git/commit/?id=54d1c42a http://git.savannah.gnu.org/cgit/cpio.git/commit/?id=58df4f1b Cheers, Moritz
--- End Message ---
--- Begin Message ---Source: cpio Source-Version: 2.11+dfsg-3 We believe that the bug you reported is fixed in the latest version of cpio, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 772...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Anibal Monsalve Salazar <ani...@debian.org> (supplier of updated cpio package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 12 Dec 2014 10:41:11 +0000 Source: cpio Binary: cpio cpio-win32 Architecture: source all amd64 Version: 2.11+dfsg-3 Distribution: experimental Urgency: medium Maintainer: Anibal Monsalve Salazar <ani...@debian.org> Changed-By: Anibal Monsalve Salazar <ani...@debian.org> Description: cpio - GNU cpio -- a program to manage archives of files cpio-win32 - GNU cpio -- a program to manage archives of files (win32 build) Closes: 772793 Changes: cpio (2.11+dfsg-3) experimental; urgency=medium . * Use default compression source options * Fix CVE-2014-9112. Add the following upstream patches: 746f3ff6.patch 54d1c42a.patch 58df4f1b.patch Closes: #772793. Checksums-Sha1: 5610347122d510148148786b715c6f7a154bb314 1843 cpio_2.11+dfsg-3.dsc 4b63f960fd7149626d835c50ababe7006880a94e 16292 cpio_2.11+dfsg-3.debian.tar.xz 4ede4beabb6d8dd00ef39eff9039cefef750e956 59188 cpio-win32_2.11+dfsg-3_all.deb cb5612f474a44e084c3336b509799e2da010dc0d 176734 cpio_2.11+dfsg-3_amd64.deb Checksums-Sha256: e53d6b7c4bcd9fdcd9a7757df7f32072534ab1cbb4dbe5b9ff474b6f34359897 1843 cpio_2.11+dfsg-3.dsc 09d5625310f658c43fdac4e711487ae8231c8440a2712d579e13ce31acd4191d 16292 cpio_2.11+dfsg-3.debian.tar.xz 35286732ff616fa593a05a7934bd36767625b6059f3c226063b826bbc664db9f 59188 cpio-win32_2.11+dfsg-3_all.deb 394c1dcda55b1fdb48769fa6cdb8170c09e43eb0627d7b0c831e9d201b90d567 176734 cpio_2.11+dfsg-3_amd64.deb Files: 2e877a6d2e777230aff07a6a25cbd225 1843 utils important cpio_2.11+dfsg-3.dsc d7bb399213a463e77bde5e7e8e4567c0 16292 utils important cpio_2.11+dfsg-3.debian.tar.xz f06b2f12ba409dcf438adfbcddceeb04 59188 utils extra cpio-win32_2.11+dfsg-3_all.deb c2399c907e8c5c9ee02d1b109a968493 176734 utils important cpio_2.11+dfsg-3_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJUiteZAAoJEHxWrP6UeJfYqr8P/0rfmkXpuNVVSsN+BNGceUiA 0aQsRCWWZ1ofAiEUbfBZoEojJhiqwmPY3Qfn/xpAahcIL7XZn1A9NJXadPQ1VSNv yw/rIwCUjJ5lKmIEOFftahNQUUxldU7cM3uQ9NWIXa+1Q/sERTsi2ykYKfcociWg O/vbOu0gBjQtWZ4cqzTuDSqmZbuQWaaLfEUHjetACMiCj2lVFSck30V2lotXY5ZX PLjyU6QqnJQs1PpGDYFsPccmy2IDBTh54oQsmU1BfsUXuADajjBkMMfaTbnxXfVF 2dzoisGVgDm9zc4oG4nUgKPhfIpz411AcmIQrpz+OjvDungVN72DenuD8/EkStLQ rrVzqIoLVgGvS7c4NJsTBwz7KOtpmVr4ARqGtvSmH4IDq4ZObf1A1h7P//dnEjD5 NaC8g3ZY5qguXpzmRcpJB4A2iLMjgz76EPDwbh35B/1EUC0ox7coSQVEZa4e29zY DkOykVeHBZuYqByIJtoAxpjLTRlM9uNIz5ChXUneKV2DK9HnQVr90rTS3kyxp//E vsq/nHyh7R9sRPDSVYXmVRSVFmdHP4nsDdI3en1DIPfGX85xNxPWwBeMGGjKt6eB GnekJDzAd+393gBV/uugtcUZ47+nsN1BPyWfDL8r7Bwgj9LDj08U5pYVVH4itY69 D7zmtFtFCDJyWj1o/Akp =+2C4 -----END PGP SIGNATURE-----
--- End Message ---
