Your message dated Mon, 21 Jan 2019 21:50:38 +0000 with message-id <e1glhso-0003pf...@fasolo.debian.org> and subject line Bug#919321: fixed in svgpp 1.2.3+dfsg1-4 has caused the Debian Bug report #919321, regarding CVE-2019-6246 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 919321: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919321 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: svgpp Severity: grave Tags: security Please see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6246 It will also be affected by CVE-2019-6247 and CVE-2019-6245, as agg doesn't provide a shared library... So make sure to add a versioned build-deps on the fixed agg when that's done. Cheers, Moritz
--- End Message ---
--- Begin Message ---Source: svgpp Source-Version: 1.2.3+dfsg1-4 We believe that the bug you reported is fixed in the latest version of svgpp, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 919...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Anton Gladky <gl...@debian.org> (supplier of updated svgpp package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 21 Jan 2019 22:41:04 +0100 Source: svgpp Binary: libsvgpp-dev libsvgpp-doc Architecture: source Version: 1.2.3+dfsg1-4 Distribution: unstable Urgency: medium Maintainer: Anton Gladky <gl...@debian.org> Changed-By: Anton Gladky <gl...@debian.org> Description: libsvgpp-dev - SVG-framework with parsers for various syntaxes and adapters. Dev libsvgpp-doc - SVG-framework with parsers for various syntaxes and adapters. Doc Closes: 884700 919321 Changes: svgpp (1.2.3+dfsg1-4) unstable; urgency=medium . [ Ondřej Nový ] * d/control: Deprecating priority extra as per policy 4.0.1 * Use 'python3 -m sphinx' instead of sphinx-build for building docs * d/control: Remove Testsuite field, not needed anymore * d/control: Set Vcs-* to salsa.debian.org . [ Anton Gladky ] * [5d0f0bc] Fix CVE-2019-6246. (Closes: #919321) * [f3060a6] Set compat level 11 * [a3e759c] Fix some privacy-breaches . [ Matthias Klose ] * [60dacd9] autopkg tests: Build with -g1, same as done for the build. (Closes: #884700) Checksums-Sha1: 0faa6216a5e19e3badeec9580bfdd80ad8cb1fd1 2093 svgpp_1.2.3+dfsg1-4.dsc d120a59a81ce3177e4076c5593bd1b7dc9e1ec44 4896 svgpp_1.2.3+dfsg1-4.debian.tar.xz 87a5c0bf480a97548c744467b6dfac906947d21f 6307 svgpp_1.2.3+dfsg1-4_source.buildinfo Checksums-Sha256: d5a8610ad2bcb61348cdd5881eb8ab31abca6b4caf87c093bb2752a04f05fd41 2093 svgpp_1.2.3+dfsg1-4.dsc 249d1a7c60cc85ab3bb3a49e82ecc6648e9d0f0dc08b21c7f8d21d52a460bc41 4896 svgpp_1.2.3+dfsg1-4.debian.tar.xz e127714e82fa2dd594d1dce825947faa57bf372bf6e86806fa87ac538bc2cf1f 6307 svgpp_1.2.3+dfsg1-4_source.buildinfo Files: 8429a529c64f7de159576b316ec982b5 2093 libs optional svgpp_1.2.3+dfsg1-4.dsc 02de3af9a52b1a7433139afe79e80154 4896 libs optional svgpp_1.2.3+dfsg1-4.debian.tar.xz e6c5bc349de1f0f3a49b381081608c14 6307 libs optional svgpp_1.2.3+dfsg1-4_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEu71F6oGKuG/2fnKF0+Fzg8+n/wYFAlxGPKgACgkQ0+Fzg8+n /wYjhQ/+Kjdzylh0NB/OrJIbgILMwBRL1lFcEvvUGEMcVDTgxgKokQqw7cYHW3XH oDN/sKlhuaOmOWOojzfuQlbdXus0CQt10nrBNdce967h3LuhsdeGrnvAVqCCoMu/ 4GaIpy5motPkT3Yitn+sPCuOuLtBTXNoNL3hhke6AJVeDA0HNd/ZK/9PnFvv7IHJ lIPsm3tb1Wzw2gD3KW2FvjS9YeBhYcqS6UIBK3ituRs4l+FVY4ghKdg7GPxn32l9 M22kP9w3BmyuxfD5CZM6qkSQ64RtOfVeg3hQa6teajr8OIYAcF4QUrZ7OuJBKOs1 HtCkt4Tmcd85s2pIKBoVaGlIRS1JIcebf6UwGFdJWumjdUI7ynjXn/UOxldjUpdM H/LcKEQHQ9hx19puD71MW/2WW5GmEA35VwfW6lsdHnOIJq9jUv+bbALa+zlUIuyg oOZE7ROSHMM6gnkpzZ/pYjpFFVjhSCiLnq+ivorabkC8ahh+yw0FyQM7+T3ULe6z 3TjXY0y3yQpIRaA0elJtAbfQFRIbHfWRqLJH7bwTrtKEjXn1ffNNLRasEGJD71ks eoVp5q1z5XwHP2Tkch9Pr0TP2CWPdopBYRaErAMD3iSRCsQejV7KzYPShmzIS0fc kL8Y7DLDV/rbNrkqx844tumOTzZIWKRdUhCmkkM7RGChe+EBv8o= =03E+ -----END PGP SIGNATURE-----
--- End Message ---
