Your message dated Mon, 15 Dec 2014 15:34:42 +0000 with message-id <e1y0xfw-0003yh...@franck.debian.org> and subject line Bug#772793: fixed in cpio 2.11-4+deb6u1 has caused the Debian Bug report #772793, regarding cpio: CVE-2014-9112 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 772793: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=772793 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: cpio Severity: grave Tags: security Hi, please see http://seclists.org/fulldisclosure/2014/Nov/74 for the original report. Patches: http://git.savannah.gnu.org/cgit/cpio.git/commit/?id=746f3ff6 http://git.savannah.gnu.org/cgit/cpio.git/commit/?id=54d1c42a http://git.savannah.gnu.org/cgit/cpio.git/commit/?id=58df4f1b Cheers, Moritz
--- End Message ---
--- Begin Message ---Source: cpio Source-Version: 2.11-4+deb6u1 We believe that the bug you reported is fixed in the latest version of cpio, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 772...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Raphaël Hertzog <hert...@debian.org> (supplier of updated cpio package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Mon, 15 Dec 2014 12:07:14 +0100 Source: cpio Binary: cpio cpio-win32 Architecture: source all amd64 Version: 2.11-4+deb6u1 Distribution: squeeze-lts Urgency: medium Maintainer: Clint Adams <sch...@debian.org> Changed-By: Raphaël Hertzog <hert...@debian.org> Description: cpio - GNU cpio -- a program to manage archives of files cpio-win32 - GNU cpio -- a program to manage archives of files (win32 build) Closes: 772793 Changes: cpio (2.11-4+deb6u1) squeeze-lts; urgency=medium . * Non-maintainer security upload by the Debian LTS team. * Include upstream patches for CVE-2014-9112. Fixes a buffer overrun and multiple NULL pointer dereference. Closes: #772793 Checksums-Sha1: 151adf82e098d0c0cd0228602ab0e6a9e18a9dc7 1437 cpio_2.11-4+deb6u1.dsc 97913cf119fb960cc5d94bdfa66a6e3e64dc63a1 39115 cpio_2.11-4+deb6u1.debian.tar.gz 88aadf0521a142e034e1577f8fb32da77bf1711a 78684 cpio-win32_2.11-4+deb6u1_all.deb 8ee6ab63db095120d5fdbe494c6c16c4c386405f 271482 cpio_2.11-4+deb6u1_amd64.deb Checksums-Sha256: 617522a42f9d7a05b27924e5ba01794dbd7e0ed5ddf14709cb659d43b0320158 1437 cpio_2.11-4+deb6u1.dsc c4650c056acb11c0422964cb385daef57ca782cf17d9b8d2feec7debbdb36fc7 39115 cpio_2.11-4+deb6u1.debian.tar.gz 7362a4608c856a8dfb7f429e5f06063c706c53897311f124308c802fe2596624 78684 cpio-win32_2.11-4+deb6u1_all.deb c6dc3c14a3e9d8242e96010ed4a67643c79c6ddd7b355e6787ce7a5cc65c424f 271482 cpio_2.11-4+deb6u1_amd64.deb Files: 8d32cb767a22687d04aadac13cf0d7eb 1437 utils important cpio_2.11-4+deb6u1.dsc 49c777e5f91cd775fbbc173c0f613524 39115 utils important cpio_2.11-4+deb6u1.debian.tar.gz 77998b1b87314b7750c933c81cc35766 78684 utils extra cpio-win32_2.11-4+deb6u1_all.deb 486cc6530cdb57276d4df156c24a8e39 271482 utils important cpio_2.11-4+deb6u1_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 Comment: Signed by Raphael Hertzog iQEcBAEBAgAGBQJUjuqGAAoJEAOIHavrwpq5E1IH/jTXiW3kX/Vr/9ScyU929zng 11k0C2Lj+6SQvO68PtWNOVDDZVK/VXKBh+kmeVxt6OzxQIpJ7jq1eskNWW5FFDL/ 69tSTLm/I6giyWOCRyTqNLCnDUiOg/hhyxnhhPlHT1Aynn3My2UPZRZhYVDtpfcQ 5Of7V5wHg/Ai37ci3A7OLm4CRB5q8SdhQnu+CwSzIwY8fJYqZmvVk0HoT6OmTNmj 3x9DA5Rtqqh6O6tJ+tUmrWc7pdoBAyNl9+S7LMUPW5mgiuMOvp462gTKIOgSCQSV Vkqanq/yKJF7ocxQ+UsKSdllMnHiJZrUHwXwAyAvNe68HJaDfLwgOvRTrxz0siI= =Fs91 -----END PGP SIGNATURE-----
--- End Message ---
