Your message dated Sat, 21 Feb 2015 03:34:18 +0000 with message-id <e1yp0pe-0006la...@franck.debian.org> and subject line Bug#776719: fixed in icu 52.1-7.1 has caused the Debian Bug report #776719, regarding icu: CVE-2015-1205 / CVE-2014-9654 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 776719: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776719 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---package: src:icu severity: serious tags: security, patch There is another icu issue fixed in chromium: https://marc.info/?l=oss-security&m=142244042307425&w=2 Links to upstream patches in that mail. This was rated as high severity by chromium. Best wishes, Mike
--- End Message ---
--- Begin Message ---Source: icu Source-Version: 52.1-7.1 We believe that the bug you reported is fixed in the latest version of icu, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 776...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Michael Gilbert <mgilb...@debian.org> (supplier of updated icu package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 15 Feb 2015 22:19:14 +0000 Source: icu Binary: libicu52 libicu52-dbg libicu-dev icu-devtools icu-doc Architecture: source all Version: 52.1-7.1 Distribution: unstable Urgency: high Maintainer: Jay Berkenbilt <q...@debian.org> Changed-By: Michael Gilbert <mgilb...@debian.org> Description: icu-devtools - Development utilities for International Components for Unicode icu-doc - API documentation for ICU classes and functions libicu-dev - Development files for International Components for Unicode libicu52 - International Components for Unicode libicu52-dbg - International Components for Unicode Closes: 776264 776265 776719 Changes: icu (52.1-7.1) unstable; urgency=high . * Non-maintainer upload by the Security Team. * Unfixed issue from the previous upload (closes: #776264) - CVE-2014-6585: out-of-bounds read. * Issues fixed in chromium 40.0.2214.91 (closes: #776265, #776719). - CVE-2014-7923: memory corruption in regular expression comparison. - CVE-2014-7926: memory corruption in regular expression comparison. - CVE-2014-7940: uninitialized memory in i18n/icol.cpp. - CVE-2014-9654: more regular expression handling issues. Checksums-Sha1: 1846ec71b350e8a9d86ccf3f567667f8c7a79c82 2665 icu_52.1-7.1.dsc a14ee646205791d253022cf9f26b120e1884ea05 25340 icu_52.1-7.1.debian.tar.xz b05936b447196166439ef61f5b65f8ab910611e9 2648362 icu-doc_52.1-7.1_all.deb Checksums-Sha256: 715880248e2278fdf41ef9b662e8077d1ff2064d62121f8faff0a0382db57918 2665 icu_52.1-7.1.dsc 0141af871d3fd2ca3dba9b8b255b2443f2fae2b9fb70aa7eedfdb5383303841d 25340 icu_52.1-7.1.debian.tar.xz 1a00488027a70ee2ac03a4dcc908db3b03e7e78b3db4ce8b6f9543056d488dad 2648362 icu-doc_52.1-7.1_all.deb Files: 46368b593a435efa0de898f1bc10c09f 2665 libs optional icu_52.1-7.1.dsc 15603a20bc70b87f0d0af3737d899cc1 25340 libs optional icu_52.1-7.1.debian.tar.xz 48e3db476ad7d3041edf86857bdda374 2648362 doc optional icu-doc_52.1-7.1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQQcBAEBCgAGBQJU4VtCAAoJELjWss0C1vRzxp8gAKZB/jVOflWrNGGbk8ILP872 aBCH10s7z2FSvdRhBRDTJMf5i72YzbNB2JG4NxHxFi7FKPmkpim8cyOoAMK2TZko beqeaArUS+ziI7o6WY0K8M8lWC5ml1k19EIzLpsZJ7RrpqjIMkqiUw/0C6ErZJDl F+7ru/jduK7CaeEMR7KhPWQpGZ3bOWm3yPUO+YRB8EUv+T+ZoNkvCNfWMkq1qXql mzVzfdqx0+b7glllROFdNvgls5vdBehW4TOUBc3oiYrbQs7jYwqXHWsTkJDbdwim UQVfq7j7QKSScST7oxqPlfOJYXO1eq4HWc3y8kZ8RMQ90ozJq295FhaZxaEgRbvH q3CTNJB3aubMHydMaGNJcZ9V9og2G/RbXG3cHfebv6roe1tVaU9ea9aiDsS2MXLR tH5qF8EAUvUdfd6ayW3YytxHy31DeNsGzo2h0PZwYjWPyXfs5sVUltf6Ni2zPQwA x37XJJRUiSrsjh+1ICWg8XOxHgrT+9TF3k0iTndIe2qK1GQSVRrIOMhYp6bf68B/ RBVDn3xV9LRNLb4sXzAySU33MomY31xgWbfC6RR7STPhnnyIgGG2rdsjky5yIj1p s4s/CtOEAesPsIgp/4My5fYJcpCo7rRAgMgK92sjgxFeCKiLJvbDuLe43EVBH0MX qsUo539WmSQ1qug6pdMKla9F7YiNUR7J69CBE+gBZZRRKL4YDb65ITelP58TFQCJ b1G6fgksfLA2QQVjddM1tcIHTmsVpGyEA2REtwcBUnrrR08CHSJTl93huJ78SdGo oRdpttmWr9/0pLV6u5AD7fauGCbBFiJydvlY4edwLzlGvezIQwB2TiUUozvLZB37 6eBT33kcm/+THkhPBEQaO0zA+JMgv5cHc3xyi3O8pduer6HSQMnSvAQSo1H4BX5q XV3u2c1jLPa5vH1MABOQmMYty67JlICtcJARghfZPZ4OJiDV/4xb+oF3AoYvLQ7j FkPxXTZMPX23eFrNeMrpOCTCiqXuHrkunaWf4QryeDAGV/y6/drJYaQ/RLdXd9YD lJSSi+iEqoPSQO0uCajC4WqqBDWYB44MxUqQpEgxqG7I2mNiG/EOlm6QZKO7CKIO dO67I/j+JF08jrWQsC/RIakn4GJvFQrNNCdNLNEz9gMtf3BmYB0uZTTLz70Ag5zm fMs8K1zfJL9BEG+F9nsq9TOTPKwqzZ9hyVw+niK/S/vJClxRKpgVZ5Jcn7No+A7F Wy6nBR1C3aKF/ySaRcELUnTS3CAx2Ttx4w98HUKTc8337eOO718jBrqyWLqEF3vk bPnaqMrx7Yr4iC7rhsdaIETbSsWABLF/HgdkjkGQcmMS1LrY3omFxgB/PiJnzPE= =PeGE -----END PGP SIGNATURE-----
--- End Message ---
