Your message dated Fri, 10 Sep 2021 10:47:45 +0000 with message-id <e1moe4p-0009my...@fasolo.debian.org> and subject line Bug#988386: fixed in ntfs-3g 1:2017.3.23AR.3-4+deb11u1 has caused the Debian Bug report #988386, regarding ntfs-3g: CVE-2021-33285 CVE-2021-35269 CVE-2021-35268 CVE-2021-33289 CVE-2021-33286 CVE-2021-35266 CVE-2021-33287 CVE-2021-35267 CVE-2021-39251 CVE-2021-39252 CVE-2021-39253 CVE-2021-39254 CVE-2021-39255 CVE-2021-39256 CVE-2021-39257 CVE-2021-39258 CVE-2021-39259 CVE-2021-39260 CVE-2021-39261 CVE-2021-39262 CVE-2021-39263 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 988386: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988386 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: ntfs-3g Version: 2017.3.23AR.3 For CVE's pending from upstream, is everything already mirrored so upstream fixes are applied in the next release? I'm asking because the upstream maintainers are trying to identify how soon their fixes will be applied to your packages. Thanks, -- *Jeremy Galindo* Associate Mgr., Offensive Security Datto, Inc. Direct Line www.datto.com <http://www.datto.com/datto-signature/> Join the conversation! [image: Facebook] <http://www.facebook.com/dattoinc> [image: Twitter] <https://twitter.com/Datto> [image: LinkedIn] <https://www.linkedin.com/company/5213385> [image: Blog RSS] <http://blog.datto.com/blog> [image: Slideshare] <http://www.slideshare.net/backupify> [image: Spiceworks] <https://community.spiceworks.com/pages/datto>
--- End Message ---
--- Begin Message ---Source: ntfs-3g Source-Version: 1:2017.3.23AR.3-4+deb11u1 Done: Salvatore Bonaccorso <car...@debian.org> We believe that the bug you reported is fixed in the latest version of ntfs-3g, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 988...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Salvatore Bonaccorso <car...@debian.org> (supplier of updated ntfs-3g package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 05 Sep 2021 14:50:38 +0200 Source: ntfs-3g Architecture: source Version: 1:2017.3.23AR.3-4+deb11u1 Distribution: bullseye-security Urgency: high Maintainer: Laszlo Boszormenyi (GCS) <g...@debian.org> Changed-By: Salvatore Bonaccorso <car...@debian.org> Closes: 988386 Changes: ntfs-3g (1:2017.3.23AR.3-4+deb11u1) bullseye-security; urgency=high . * Non-maintainer upload by the Security Team. * Fixed an endianness error in ntfscp * Checked the locations of MFT and MFTMirr at startup * Fix multiple buffer overflows. CVE-2021-33285, CVE-2021-35269, CVE-2021-35268, CVE-2021-33289, CVE-2021-33286, CVE-2021-35266, CVE-2021-33287, CVE-2021-35267, CVE-2021-39251, CVE-2021-39252, CVE-2021-39253, CVE-2021-39254, CVE-2021-39255, CVE-2021-39256, CVE-2021-39257, CVE-2021-39258, CVE-2021-39259, CVE-2021-39260, CVE-2021-39261, CVE-2021-39262, CVE-2021-39263. (Closes: #988386) Checksums-Sha1: 78fea16aae37f144a4cc06c4e3af5e4c386fcb05 2369 ntfs-3g_2017.3.23AR.3-4+deb11u1.dsc 18a483bb91cb5cb532454ae5c4f18d71e5cd9b80 1277609 ntfs-3g_2017.3.23AR.3.orig.tar.gz 8b1c7734a2fbe740d3e9de4d77e421498acece81 34860 ntfs-3g_2017.3.23AR.3-4+deb11u1.debian.tar.xz Checksums-Sha256: 715b6fd6aaf2ecb26bc0d734bce34e3f66ede437431b217b0d5164f2d7797f72 2369 ntfs-3g_2017.3.23AR.3-4+deb11u1.dsc a83fbd533259abd5b73dc37635cc003a697248375702ddcc39af129957a7564b 1277609 ntfs-3g_2017.3.23AR.3.orig.tar.gz 482ae83729b3b0df0ad8d678cd6c72ee93d5033bd06bae81b98abd5cdd97650e 34860 ntfs-3g_2017.3.23AR.3-4+deb11u1.debian.tar.xz Files: 22917eed6b5ceaf761d8fa81a022669c 2369 otherosfs optional ntfs-3g_2017.3.23AR.3-4+deb11u1.dsc 5202fb9d41b0db673b73da4ca9bb88b5 1277609 otherosfs optional ntfs-3g_2017.3.23AR.3.orig.tar.gz 3fe14d3806a99104faa2286d431a58fb 34860 otherosfs optional ntfs-3g_2017.3.23AR.3-4+deb11u1.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmE0wctfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89EUZ0P/AhE3ULpPg3WeJN7dAreQtWPIKUZssVI 9beZQ4/kRPlws52Q+8NEdKXylxry2Tf8ZV7SW8z8kM55BDBChk8h3CcKQmvTL0M4 RIZ4FTsXUHxaoKtoVG04vF9FOCafHV2WUq/dQvCV0SGMBFqAg54eE+kmd8Z4Mnci qpDKsm7zm5dVii+3oVddj1e06WBz+FRvvs0Et+49vjrcVGoNTgdqPAuCBxrA6sNW CLbajp6bBMROhwIZHKFOwKhFA1QgyyjKXIyYMA+UDF/aDRoYHyeK/6XjNuMppwZt dUm8kwCQuEAjkMAFKVltQZQOY/SSw9WP/wxUNOayjbtc3pSflsLBZhI3cgi3NFRF x26vK40KeTX6P5QIHgr+GdlAwHM1hWEK3u7UarlRRpMxKvzmVVVDY1O+haGU8P64 SRnvkdfm7K+ukZ+/AdpbAe7wCxri01paE+Bpq5EmSdDTCWsHKPlrma+WH6uF30c7 K3wnOWbRLx0xzNJsT/W96iewg1Wq275DFZZDEPDuO/mneomBLiv78gHsS62QQx3t YJrDD+ZJOfs8x2Pt0dT4+S9a+y7L8Sdhb95R0B8vBhtOrm36aXbR0dXbPT2NuCNR jO03lY9y0DS3PGpCRNNlY+uifpRagE84A/BE1nP3KL7DIgKN9nEhKC2dxADTEel+ 1nOsLJIelefC =g/I3 -----END PGP SIGNATURE-----
--- End Message ---
