Your message dated Sun, 15 May 2016 10:24:12 +0000
with message-id <e1b1tdy-0000zf...@franck.debian.org>
and subject line Bug#824160: fixed in p7zip 15.14.1+dfsg-2
has caused the Debian Bug report #824160,
regarding p7zip: CVE-2016-2334 CVE-2016-2335
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
824160: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=824160
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: p7zip
Version: 15.14.1+dfsg-1
Severity: grave
Tags: security upstream fixed-upstream

Hi,

the following vulnerabilities were published for p7zip.

CVE-2016-2334[0]:
Heap-buffer-overflow vulnerability

CVE-2016-2335[1]:
Out-of-bounds read vuilerability

If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2016-2334
[1] https://security-tracker.debian.org/tracker/CVE-2016-2335

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

--- End Message ---
--- Begin Message ---
Source: p7zip
Source-Version: 15.14.1+dfsg-2

We believe that the bug you reported is fixed in the latest version of
p7zip, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 824...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Robert Luberda <rob...@debian.org> (supplier of updated p7zip package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sun, 15 May 2016 11:35:38 +0200
Source: p7zip
Binary: p7zip p7zip-full
Architecture: source
Version: 15.14.1+dfsg-2
Distribution: unstable
Urgency: high
Maintainer: Robert Luberda <rob...@debian.org>
Changed-By: Robert Luberda <rob...@debian.org>
Description:
 p7zip      - 7zr file archiver with high compression ratio
 p7zip-full - 7z and 7za file archivers with high compression ratio
Closes: 824160
Changes:
 p7zip (15.14.1+dfsg-2) unstable; urgency=high
 .
   * Fix the heap buffer overflow in HFS handler (CVE-2016-2334) and
     out of bounds read in UDF handler (CVS-2016-2335) using patches from
     https://sourceforge.net/p/p7zip/discussion/383043/thread/9d0fb86b/
     (closes: #824160).
Checksums-Sha1:
 d004ec56cae5cca9f643ff2379deaed93af317d7 1927 p7zip_15.14.1+dfsg-2.dsc
 a8e69df94b49883e7d9315dd26198572399f51d0 21004 
p7zip_15.14.1+dfsg-2.debian.tar.xz
Checksums-Sha256:
 84600fc9d88a892927c54537b733538f7febf56f8a920b9bb685f904c236aa54 1927 
p7zip_15.14.1+dfsg-2.dsc
 f4db6803535fc30b6ae9db5aabfd9f57a851c6773d72073847ec5e3731b7af37 21004 
p7zip_15.14.1+dfsg-2.debian.tar.xz
Files:
 38568344189c39144558060339380c29 1927 utils optional p7zip_15.14.1+dfsg-2.dsc
 a10894e90fa5bfa7be735bea18a952d5 21004 utils optional 
p7zip_15.14.1+dfsg-2.debian.tar.xz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJXOEXzAAoJEGMd51U76K/UU2IP/0eLacomTe8dRmkSTgokvTCe
g5+iVrf3MLxU+FTY25b/FY7DvAsRGAgXMgz9mMXL1fGgCZ2WXwV9Hw/lGn6w07QW
O/0onQe6E3t282DejTYU5c5iESbAY8hHXinP8Cd6OCQb85bbAiF34Z8OKhQ7tLzQ
6JLYVQmBpFqm6OgS/OS1VcOsEv41Vs1eZENfl0v2qzp01sNhlPnbRjPvblnRZadm
Hm06qbH2ZLXpRARrFuJC1RC2WZGHWcnArRp+nweS/XO/pOey71PvVDOtKx3lu/GY
RmiQpAB1fNXmMLZotWPAgOIdXQhxH5EUi6B0+ur8lRylSkvXqojsAdmTpF0nOcwk
bcTpxg4CU+eOWBB2yc/mGYldXtpOFas49ohd8DBtUmcs2o7ly4RRC0uIYXu6rIFu
RaggtsgHGcwlxkVrxeSFx7bIXLQZIWqFzeJcpFGucgEKD4lmF3FKzRVF4ob7tThl
ooykNXwaf/fgXQ0BpxfFA0npwAJD3MqGnrn2nXi8CBvmgEU6o8a5IcIypMo11Put
4l7yYnNDwei3RqogIaDUMEmml0g3KOyqjIdB4hgybxhGK3Z4UkxnNBJkXPZI+VRS
zDUyZgb84lmGiQKtamX2NPPKbBrK4SQZ9n0gtyKZlmMTI0BlglJqd0W7/4ld34xX
pugsajvQfTkbeb8UvRy2
=qVMf
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to