Bug#869263: marked as done (libgd2: CVE-2017-7890: Buffer over-read into uninitialized memory)

Wed, 30 Aug 2017 08:03:37 -0700 

Your message dated Wed, 30 Aug 2017 16:58:33 +0200
with message-id <20170830145833.fwgi4iloorrkia5b@eldamar.local>
and subject line Re: Bug#869263: libgd2: CVE-2017-7890: Buffer over-read into 
uninitialized memory
has caused the Debian Bug report #869263,
regarding libgd2: CVE-2017-7890: Buffer over-read into uninitialized memory
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
869263: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869263
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message --- 
Source: libgd2
Version: 2.2.4-2
Severity: important
Tags: security upstream
Forwarded: https://github.com/libgd/libgd/issues/399

Hi,

the following vulnerability was published for libgd2.

CVE-2017-7890[0]:
Buffer over-read into uninitialized memory

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-7890
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7890
[1] https://github.com/libgd/libgd/issues/399

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

--- End Message ---
--- Begin Message --- 
Source: libgd2
Source-Version: 2.2.5-1

On Sat, Jul 22, 2017 at 09:11:15AM +0200, Salvatore Bonaccorso wrote:
> Source: libgd2
> Version: 2.2.4-2
> Severity: important
> Tags: security upstream
> Forwarded: https://github.com/libgd/libgd/issues/399
> 
> Hi,
> 
> the following vulnerability was published for libgd2.
> 
> CVE-2017-7890[0]:
> Buffer over-read into uninitialized memory

This one is fixed with the 2.2.5-1 upload to unstable.

Regards,
Salvatore

--- End Message ---

Reply via email to