Your message dated Sat, 24 Sep 2016 07:55:14 +0200 with message-id <2flzimxg7ul....@diskless.uio.no> and subject line Bug fixed in Jessie has caused the Debian Bug report #818037, regarding vorbis-tools: vcut always(?) segfaults to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 818037: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=818037 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: vorbis-tools Version: 1.4.0-6 Severity: grave File: /usr/bin/vcut Justification: renders package unusable Sorry for the brief description, but for what I can tell, that's really it. I tried various cases, and vcut always seems to just segfault. Here's one example: % head -c 500000 /dev/zero | oggenc -Q -r -o 1.ogg - % vcut 1.ogg 2.ogg 3.ogg +1 Processing: Cutting at 1,000000 seconds Segmentation fault Tried on both i386 and amd64. It did work correctly under squeeze and wheezy. -- System Information: Debian Release: 8.3 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 3.16.0-4-amd64 (SMP w/8 CPU cores) Locale: LANG=de_DE, LC_CTYPE=de_DE (charmap=ISO-8859-1) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages vorbis-tools depends on: ii libao4 1.1.0-3 ii libc6 2.19-18+deb8u4 ii libcurl3-gnutls 7.38.0-4+deb8u3 ii libflac8 1.3.0-3 ii libogg0 1.3.2-1 ii libspeex1 1.2~rc1.2-1 ii libvorbis0a 1.3.4-2 ii libvorbisenc2 1.3.4-2 ii libvorbisfile3 1.3.4-2 vorbis-tools recommends no packages. vorbis-tools suggests no packages. -- no debconf information
--- End Message ---
--- Begin Message ---Version: 1.4.0-6+deb8u1 This issue was fixed in Jessue with this upload: vorbis-tools (1.4.0-6+deb8u1) jessie; urgency=low . [ Petter Reinholdtsen ] * Add gbp.conf file documenting git branch to use for updates to Jessie. * oggenc: Fix large alloca on bad AIFF input to oggenc (CVE-2015-6749). (Closes: 797461) * oggenc: Validate count of channels in the header (CVE-2014-9638, CVE-2014-9639). (Closes: 776086) . [ Martin Steghöfer ] * Fix segmentation fault in vcut (Closes: #818037) No idea why the BTS have not noticed yet, but I close the bugs manually to have the fact properly recorded. -- Happy hacking Petter Reinholdtsen
--- End Message ---
