Bug#772811: marked as done (unrtf: CVE-2014-9274 CVE-2014-9275)

Debian Bug Tracking System Wed, 14 Jan 2015 10:58:10 -0800

Your message dated Wed, 14 Jan 2015 18:48:38 +0000
with message-id <e1ybsze-00062k...@franck.debian.org>
and subject line Bug#772811: fixed in unrtf 0.19.3-1.1+deb6u1
has caused the Debian Bug report #772811,
regarding unrtf: CVE-2014-9274 CVE-2014-9275
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
772811: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=772811
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Package: unrtf
Severity: grave
Tags: security

Please see http://www.openwall.com/lists/oss-security/2014/12/03/4
for more information and references to patches.

Cheers,
        Moritz

--- End Message ---

--- Begin Message ---

Source: unrtf
Source-Version: 0.19.3-1.1+deb6u1

We believe that the bug you reported is fixed in the latest version of
unrtf, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 772...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Nguyen Cong <cong.nguyen...@toshiba-tsdv.com> (supplier of updated unrtf 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 30 Dec 2014 14:42:06 +0700
Source: unrtf
Binary: unrtf
Architecture: source i386
Version: 0.19.3-1.1+deb6u1
Distribution: squeeze-lts
Urgency: high
Maintainer: Christian Surchi <csur...@debian.org>
Changed-By: Nguyen Cong <cong.nguyen...@toshiba-tsdv.com>
Description: 
 unrtf      - RTF to other formats converter
Closes: 772811
Changes: 
 unrtf (0.19.3-1.1+deb6u1) squeeze-lts; urgency=high
 .
   * Non-maintainer upload.
   * Security fixes, closes: #772811
      - Fix CVE-2014-9274: check that accesses to color table stay within bounds
      - Fix CVE-2014-9275: various crashes
     Patches taken from upstream commits:
      - CVE-2014-9274: b0cef89a170a66bc48f8dd288ce562ea8ca91f7a
 .
      - CVE-2014-9275: 1df886f2e65f7c512a6217588ae8d94d4bcbc63d
                       3c7ff3f888de0f0d957fe67b6bd4bec9c0d475f3
Checksums-Sha1: 
 21598e438409abe866936b9b8a483f50159b28fd 1730 unrtf_0.19.3-1.1+deb6u1.dsc
 e27b7a26755f694d9fd2859f7077cb1872477008 126047 unrtf_0.19.3.orig.tar.gz
 c15e853cd927d108513c651de736221e2ebf5c2b 5200 unrtf_0.19.3-1.1+deb6u1.diff.gz
 9e4e73f0138f1e503ab0baca94a48f81250ffa19 49084 unrtf_0.19.3-1.1+deb6u1_i386.deb
Checksums-Sha256: 
 775ae3fbe02ccbe828118ecdf9e579058b593bc78565b2324a5f4ee2593030fc 1730 
unrtf_0.19.3-1.1+deb6u1.dsc
 31cd94a7add4554a40ef9873231ef22ec800cab95ccbab471d759f9e2642e56a 126047 
unrtf_0.19.3.orig.tar.gz
 dd479f9b3e8003adc9d59316341bfcfd14e4055785f7827c20e5007033a86aaf 5200 
unrtf_0.19.3-1.1+deb6u1.diff.gz
 7a2ec179038a324fbe8e8a4d7173f29fc9a4e39195e469632747da7044d76800 49084 
unrtf_0.19.3-1.1+deb6u1_i386.deb
Files: 
 9b92d13b0b753f3fbeaa077a37d0fa54 1730 text optional unrtf_0.19.3-1.1+deb6u1.dsc
 a6ae7d608ae1ec566970b5985fd28c4c 126047 text optional unrtf_0.19.3.orig.tar.gz
 063949d3350faa87a1cb3f5a97b96f7a 5200 text optional 
unrtf_0.19.3-1.1+deb6u1.diff.gz
 7f6aaf3e3afb8030c6415318fa3d9179 49084 text optional 
unrtf_0.19.3-1.1+deb6u1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQJ8BAEBCgBmBQJUtrjjXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5
NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHnDsP/RKPdmAbAzVq8K2AC/I1tL5Y
OXUJjgjRS2qdz0haDAoTnrUGf++qrlpo2flICmIqK81n0ZwVMOAMZnJ5LTYxzv2x
kYIfeBYDQ4iwekBTwSAwhRPA6KOOgksY4patEFGJPkVRHy0kpXmUqWAxVQhfJK86
St2CvuqyyVjcKShNBDx2At6drlDAbF4pSDQ7TC1n8ir8eWnDFeEp0/EiPcg0qTPr
S01c1S0z2/aKn8mJRqL22IFJ/rzbldD+ZGCYJqnQDB9ahHgiWVbjhFi6EJGMS/KN
qB7Za6H/A4t90CstIkpYsHC7HLTmBW3a8WsEpzoQLGyuqeZJNwNaS1v+oKOyvf62
KBbSjnkgEAKR5tN+os5nhxhXk/KZ0UUMo94sWVrmJT0xIk8q5WoGDv4CzQENU/s2
GnP/VC7+t/+gkjNz79TEPjwtUVPtqcAc0mDIWbf8FeQAYHkSNvsC+5UHHvhSydW0
ihcV5I0I9H3+qwIC+1RWLyOO6F1aCucMilSbyoXF8guOUJgIvK3LgpUSEWXGxXLO
62cQKDTBquBPhUC2p8u6oNn5zmeEW3apRaRzPVVC6TuoFyDOzecNMrG3d45Fwopc
nRWkZqLizDI9aLvxliDDUwaW3b0qmhwYLcde40CcBHwnp4WQKoY5GiU7dusBbbzF
0YfDpaGzd4swgipZBr/D
=lprh
-----END PGP SIGNATURE-----

--- End Message ---

Bug#772811: marked as done (unrtf: CVE-2014-9274 CVE-2014-9275)

Reply via email to