Your message dated Fri, 22 Mar 2019 00:36:49 +0000
with message-id <e1h78az-00089o...@fasolo.debian.org>
and subject line Bug#925255: fixed in ntfs-3g 1:2017.3.23AR.3-3
has caused the Debian Bug report #925255,
regarding ntfs-3g: CVE-2019-9755: heap buffer overflow
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
925255: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925255
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: ntfs-3g
Version: 1:2017.3.23AR.3-2
Severity: grave
Tags: security upstream fixed-upstream
Control: found -1 1:2016.2.22AR.1+dfsg-1
Control: fixed -1 1:2016.2.22AR.1+dfsg-1+deb9u1
Control: fixed -1 1:2017.3.23AR.4-1
Hi,
The following vulnerability was published for ntfs-3g, still filling
a bug for tracking.
CVE-2019-9755[0]:
heap buffer overflow
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2019-9755
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9755
[1]
https://sourceforge.net/p/ntfs-3g/ntfs-3g/ci/85c1634a26faa572d3c558d4cf8aaaca5202d4e9/
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: ntfs-3g
Source-Version: 1:2017.3.23AR.3-3
We believe that the bug you reported is fixed in the latest version of
ntfs-3g, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 925...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Laszlo Boszormenyi (GCS) <g...@debian.org> (supplier of updated ntfs-3g package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 21 Mar 2019 23:52:51 +0000
Source: ntfs-3g
Architecture: source
Version: 1:2017.3.23AR.3-3
Distribution: unstable
Urgency: high
Maintainer: Laszlo Boszormenyi (GCS) <g...@debian.org>
Changed-By: Laszlo Boszormenyi (GCS) <g...@debian.org>
Closes: 925255
Changes:
ntfs-3g (1:2017.3.23AR.3-3) unstable; urgency=high
.
[ Salvatore Bonaccorso <car...@debian.org> ]
* Fix heap-based buffer overflow (CVE-2019-9755) (closes: #925255).
Checksums-Sha1:
1af5228c5b3888a83b3fcdf95727922f1023d3dd 2176 ntfs-3g_2017.3.23AR.3-3.dsc
79893964d4b1c952cbc83aaad63f1043889211e7 23024
ntfs-3g_2017.3.23AR.3-3.debian.tar.xz
ce6139d2c2c1d2e1e71e0f65f1692769efba72c5 9048
ntfs-3g_2017.3.23AR.3-3_amd64.buildinfo
Checksums-Sha256:
aa77d40ad25d04c2ec569ab16dbaa8e116dd3b16cd6377c5897e8c8cbe0415ad 2176
ntfs-3g_2017.3.23AR.3-3.dsc
029fb1f91bd69c9e7ca125ddca2524e0288724db022dc2bfd9c7c6cb6f648629 23024
ntfs-3g_2017.3.23AR.3-3.debian.tar.xz
bf9ba2263583fffb08038655978acd32f2724c65aece98761dfac9cc7f67c243 9048
ntfs-3g_2017.3.23AR.3-3_amd64.buildinfo
Files:
9544f562f7a61c347cd456a86ceea06a 2176 otherosfs optional
ntfs-3g_2017.3.23AR.3-3.dsc
3f7c4578f6e7e85b45706c74a9eb21d7 23024 otherosfs optional
ntfs-3g_2017.3.23AR.3-3.debian.tar.xz
0bcbab542a07710591c2ff009d582061 9048 otherosfs optional
ntfs-3g_2017.3.23AR.3-3_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEfYh9yLp7u6e4NeO63OMQ54ZMyL8FAlyUKOUACgkQ3OMQ54ZM
yL/a3A//UjP42v/IwgRbwhTpXbYNeR8QP/icS3ZFah2i416EqLdYY7XSMqjZY/MH
vc3ISSTpySoS0Z42qvbpM/hpUjKPPT9Tfz/u87FZffftf+QigehgAlHTMZEYRqBi
kVpV1DQAqKVzjazSMidQq24c77g5PiBcr19wsC57thoOV+IYavAIat/yhU2wdTQO
3YZ9dkZdvOtV8v1wygItkX0MzO5KJHKyiI6Ti32XIzZm+rgC3BvrdgJpDVQEa2lo
ktXoRfJ/ZvqarXBP7BxBlVvBV47n5m6Hfd5ARXNISd2WJhVT4qyMDerV7uWI6BeH
CCT9Rl9dtcgPQ34nZD0kIQrN020AXU8ALOoKko9hF84cgzjJMcIySSWaI3io3Rtx
4ShUVZrbKZ0QsgnIsBX0SJ9zMjepb6lai5kQHoynZq/79YHC6jx12ODd6E0GEPEP
CXxPRMA6ZONk1eyEr8YRUYsE6tYBnnkHIE6XcAbM/THKRiWE29D/z+6SZ42R60/N
Lsnw70YWIzztdmHbwlvxvaRh1rGJ27EnTvyN0Gbo0sKiCgIZRJe37PE6YgnO0jzu
2bS15ajSysH/bJNqZqyxHeuO09Oy8KlYc8B8ckmyaOYrlJjmCpVO6q9bs7GNd5TW
X6j5YrQc6iq7B3r+1TAFOkz3TjHQtpesqWsc74Bm2Va35QsupEc=
=8tmI
-----END PGP SIGNATURE-----
--- End Message ---
