Your message dated Sat, 30 Jan 2021 13:34:07 +0000 with message-id <e1l5qo7-0002wh...@fasolo.debian.org> and subject line Bug#981336: fixed in libgcrypt20 1.9.1-1 has caused the Debian Bug report #981336, regarding libgcrypt20: CVE-2021-3345: Exploitable heap-based buffer overflow (Only relevant for Debian/experimental) to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 981336: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=981336 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: libgcrypt20 Version: 1.9.0-1 Severity: serious Tags: upstream Justification: maintainer's opinion https://lists.gnupg.org/pipermail/gcrypt-devel/2021-January/005086.html
--- End Message ---
--- Begin Message ---Source: libgcrypt20 Source-Version: 1.9.1-1 Done: Andreas Metzler <ametz...@debian.org> We believe that the bug you reported is fixed in the latest version of libgcrypt20, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 981...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Andreas Metzler <ametz...@debian.org> (supplier of updated libgcrypt20 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 30 Jan 2021 13:51:54 +0100 Source: libgcrypt20 Architecture: source Version: 1.9.1-1 Distribution: experimental Urgency: low Maintainer: Debian GnuTLS Maintainers <pkg-gnutls-ma...@lists.alioth.debian.org> Changed-By: Andreas Metzler <ametz...@debian.org> Closes: 981336 Changes: libgcrypt20 (1.9.1-1) experimental; urgency=low . * Add Bug-Database and Bug-Submit to upstream/metadata. * New upstream version. + Fixes heap buffer overflow introduced in 1.9.0. https://dev.gnupg.org/T5275. CVE-2021-3345 Closes: #981336 * 30_Revert-Define-HW-feature-flags-per-architecture.patch Fix w* build error. Checksums-Sha1: 2160ceae6153b3391ac95ced5c01df7ce5a67a0e 2800 libgcrypt20_1.9.1-1.dsc a15ce7355b028f28a33428eaa0147154861b29d4 3202683 libgcrypt20_1.9.1.orig.tar.bz2 359982d0f6fa7e231980a592b8d0cd3330095509 228 libgcrypt20_1.9.1.orig.tar.bz2.asc b20eb04a0e7b50028fc0843d8eb61b5d70bc26f7 33240 libgcrypt20_1.9.1-1.debian.tar.xz Checksums-Sha256: 8194f8794b092c0a2ebbe2476396f13c67b677ad0f81b0f6b80dd3feea03f751 2800 libgcrypt20_1.9.1-1.dsc c5a67a8b9b2bd370fb415ed1ee31c7172e5683076493cf4a3678a0fbdf0265d9 3202683 libgcrypt20_1.9.1.orig.tar.bz2 f7205de777f17010486c431742d0c28944b1591f3d27977c11b4a68855a69336 228 libgcrypt20_1.9.1.orig.tar.bz2.asc 4eda8fc83595a58f01beeec8686779f9869992a002d49c8a84971c8bc32d0896 33240 libgcrypt20_1.9.1-1.debian.tar.xz Files: e5c53c0cb8f25d496896ce3abc776b78 2800 libs optional libgcrypt20_1.9.1-1.dsc 8805f3e466af315222b6e1864f52b79a 3202683 libs optional libgcrypt20_1.9.1.orig.tar.bz2 239d25917977aab8cbd804eacce0f568 228 libs optional libgcrypt20_1.9.1.orig.tar.bz2.asc 0490386cf9926f315de3c94f8f425a09 33240 libs optional libgcrypt20_1.9.1-1.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE0uCSA5741Jbt9PpepU8BhUOCFIQFAmAVXQQACgkQpU8BhUOC FIQ67w/8DSrwUknGRpn+OwMbQHFdw1Q/TNEphW7Acz6HrK6D2nt1kCUICQTcLYvN vlVxlcl9NddLAixeCL47G89nm/L8zW2F5hwHdIsuzb7/ZhgIeuvuTTZaFm3FmTNO KbewyveDVMilS5DX+4WyJ7SNpgspUu35yr8CTc1y/PGlrgHBSrnA8vCFfx1LB6c6 rHBwJrRytTivhZItoM0jOCdWfapCrMitOZu/+cslxRINcHV4epkMaOyMAriRDHVP h2BIq48XFF7/LJbJOgIja+6gnjHPf4ludCbg8RtgFZa5QynPdwgf55k0TBtfcQQ7 /9P9RvDq6cgKOty9eymE5zkOh6gUz3vEcW0Q7Es04zsTMdPgCq1H8IEs4r/nMDyd Lx1i/23KKYK2VuPD/qmssEMQbba08Ak+hpyVHnE1ZH51ZYQ9FsULeEP/D35KOQCj Q68N48fUSz0X7fgQATPhO56CbU8LQy87LNieffNQfPS/i2B/yklid7TPEwnyu3v0 xvyDAVSGV7OmWWTJDiCfpEXuiJuBdqRiIDFXlNTyxk2rvihaS0vUx+mavtSTbNGb jg3OicicWSDaJwgq8frKZbypldkFYckbAz3vWaJFTyLGtPLfp6Z9k9D2uI3/45tC +fTBGcqkyJc7laAYQsS4/uh2TSkzbSxYU1VHD8xlscGyPSkv+Jo= =I+1a -----END PGP SIGNATURE-----
--- End Message ---
