Your message dated Sat, 03 Apr 2021 00:33:29 +0000 with message-id <e1lsued-000ix2...@fasolo.debian.org> and subject line Bug#985092: fixed in lib3mf 1.8.1+ds-4 has caused the Debian Bug report #985092, regarding CVE-2021-21772 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 985092: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985092 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: lib3mf Severity: grave Tags: security X-Debbugs-Cc: Debian Security Team <t...@security.debian.org> This was assigned CVE-2021-21772: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1226 Cheers, Moritz
--- End Message ---
--- Begin Message ---Source: lib3mf Source-Version: 1.8.1+ds-4 Done: Kristian Nielsen <kniel...@knielsen-hq.org> We believe that the bug you reported is fixed in the latest version of lib3mf, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 985...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Kristian Nielsen <kniel...@knielsen-hq.org> (supplier of updated lib3mf package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Thu, 01 Apr 2021 21:25:54 +0200 Source: lib3mf Architecture: source Version: 1.8.1+ds-4 Distribution: unstable Urgency: medium Maintainer: Torsten Paul <torsten.p...@gmx.de> Changed-By: Kristian Nielsen <kniel...@knielsen-hq.org> Closes: 985092 Changes: lib3mf (1.8.1+ds-4) unstable; urgency=medium . * Fix use-after-free (CVE-2021-21772), backporting fix from v2.1.1 (Closes: #985092) Checksums-Sha1: e4727f21bfe88f6fc8e7a4fc7fcf8f6ef578075d 1942 lib3mf_1.8.1+ds-4.dsc d006a4170b37ae1c5e7f03b454661aa5760f5432 5424 lib3mf_1.8.1+ds-4.debian.tar.xz 599e51a12a4ff08858bac64e7e9a19a68740ddd6 5963 lib3mf_1.8.1+ds-4_source.buildinfo Checksums-Sha256: bc3b8e307ce7aceb9c26e3bf3b0ef74f923d8bf4dc2e93390e1fd902700f4a2e 1942 lib3mf_1.8.1+ds-4.dsc 7117f4338282087149e3c4ed8cb06c7f4f1d5e641b45b46fa19ec531f3405db5 5424 lib3mf_1.8.1+ds-4.debian.tar.xz 5e84f19b33d5bb92036e47f58233715868dbf8f6e8a6bd8e6a2c312ca8d32100 5963 lib3mf_1.8.1+ds-4_source.buildinfo Files: af24dbd3e3a51bfe7060daea05335e17 1942 libs optional lib3mf_1.8.1+ds-4.dsc 41554131f2320d1da5d9c39822c89743 5424 libs optional lib3mf_1.8.1+ds-4.debian.tar.xz 5f42919e711f084fe0f1a6327d0b12de 5963 libs optional lib3mf_1.8.1+ds-4_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEfRrP+tnggGycTNOSXBPW25MFLgMFAmBntaMACgkQXBPW25MF LgPuYxAAgazVKNqozDXZN3XgUfDNP8Zm5i2MzNRuxRFUasqHCZzigwDLhya5Owj0 phbi/0S1cy2NRJ7VifZzRSKpRV8EB9bzxCdnm092qEd93TCMN1E1w518HtN86g5w QASOJnvkBtKeYvbLjyw/A0ChTdAtqyhT0CmqZgFklngWJd+lg4+FcZFnxNitip9W fDqljeJDL3E1ec5EXyILe9xA56NBmxqbfCR0po5UXTurDSaviLi13PdZ3wTmy+v7 kv/cKuYutMDHIE8s7nU4J/R6WJ9x15HDtqmu0xmU2kmTRJDyb2S2j5Uk+o7yU3Ft AMaUvw65gGru85jUDmbpz/mLFwAOsaPWOrH4oMN5O5Syj/cvaQAKsB20yjRewE/J QF0UaT8DdpX1wY6Cg/0ywQD1IbMyzGq1BcLHXIjpDaQ3vWnorNHbawrpOkRNHuHY Wgchr4WgB2gfETCYPPnLHc55FtJWRvVXo4fn9CT3zwL8L6wJqZbywhRcowU4jQNI ap2Kfx+3QN3UgkJutWxGq37IsjjjQYNNY68EOtN8X4aKcgeUD0uiqxbAB5BKTgPU v4H2thNnt9KiT+BAHlOYriPHAoPx3kalRjz4Jpli6DJ89WsbAyAUga0HS4Dlj4kG vvJDZk+sgk+qPlY5Fx3d+dQa8c+UXnGud7MlaZNwop/fGp17/Q0= =zVQl -----END PGP SIGNATURE-----
--- End Message ---
