Your message dated Sun, 17 Apr 2022 11:32:24 +0000 with message-id <e1ng38i-0008np...@fasolo.debian.org> and subject line Bug#1008265: fixed in zlib 1:1.2.11.dfsg-2+deb11u1 has caused the Debian Bug report #1008265, regarding CVE-2018-25032: zlib memory corruption on deflate to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1008265: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1008265 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: zlib Version: 1:1.2.11.dfsg-2 Severity: grave Tags: security X-Debbugs-Cc: Debian Security Team <t...@security.debian.org> This was assigned CVE-2018-25032: https://www.openwall.com/lists/oss-security/2022/03/24/1 https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531 Cheers, Moritz
--- End Message ---
--- Begin Message ---Source: zlib Source-Version: 1:1.2.11.dfsg-2+deb11u1 Done: Salvatore Bonaccorso <car...@debian.org> We believe that the bug you reported is fixed in the latest version of zlib, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1008...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Salvatore Bonaccorso <car...@debian.org> (supplier of updated zlib package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 25 Mar 2022 22:45:28 +0100 Source: zlib Architecture: source Version: 1:1.2.11.dfsg-2+deb11u1 Distribution: bullseye-security Urgency: high Maintainer: Mark Brown <broo...@debian.org> Changed-By: Salvatore Bonaccorso <car...@debian.org> Closes: 1008265 Changes: zlib (1:1.2.11.dfsg-2+deb11u1) bullseye-security; urgency=high . * Non-maintainer upload by the Security Team. * Fix a bug that can crash deflate on some input when using Z_FIXED (CVE-2018-25032) (Closes: #1008265) Package-Type: udeb Checksums-Sha1: 5029c714967e9622bfe05ca178f18be04ee82350 2905 zlib_1.2.11.dfsg-2+deb11u1.dsc 1b7f6963ccfb7262a6c9d88894d3a30ff2bf2e23 370248 zlib_1.2.11.dfsg.orig.tar.gz 24795ee350b356727f92703acee03ba1409d4794 23356 zlib_1.2.11.dfsg-2+deb11u1.debian.tar.xz Checksums-Sha256: 4be50e6655d32da16f6fa663946838a7c60d68e3421510e64ab77067d1eb6e54 2905 zlib_1.2.11.dfsg-2+deb11u1.dsc 80c481411a4fe8463aeb8270149a0e80bb9eaf7da44132b6e16f2b5af01bc899 370248 zlib_1.2.11.dfsg.orig.tar.gz 7380daff57172ae036210c74dabef77dbab7489ff24eb68eb1b770445eb28dc6 23356 zlib_1.2.11.dfsg-2+deb11u1.debian.tar.xz Files: fba2cf0c1e20b5f7777672cc09923654 2905 libs optional zlib_1.2.11.dfsg-2+deb11u1.dsc 2950b229ed4a5e556ad6581580e4ab2c 370248 libs optional zlib_1.2.11.dfsg.orig.tar.gz a5b2ce378e93e579969c99f17fdbe932 23356 libs optional zlib_1.2.11.dfsg-2+deb11u1.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmJBys5fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89EbmoP/iN8UO+OtvpjCOCLOwszL2y84+0T5XKk NTAfOIh67q0Qp4FU8e1J2xQ1EZHdlOm20DWwOh5GZg0f8dupQWzFWCWuX89Nk5EY 44O06zSq7drW0vj7xKYRVCy2Pkbv/vNj9cS5hihU2VLONdGXsEmm4QmQqco8KIGZ uyLUoZsl7UPGSxUmM+6G0Gx+GKq8C+WXjRmzhZZXmRQoopOI2T3o291qqdXzKr6Q 64AGkWTjQUuQf1OPHcyXr4YGsw5B9WgWQmCFr1d3M/aKXWWwt+OZr+ZhM1Kf+bQz k6kZhZs/rNZ4PbU9EkjP8XhJP+zVb/LpfuHrt/vs9Y27h9Nw9VFA42imgQUpcZQK WZAKTc5Tq6uip5xQolPhpteNQtRElA42bjGuPj4NfMo4Mhe27iA400nEAY7NIEMx YSxCI181PtZeus8hFDtPyUPsMRMnGmlvxEj1IOXU+L3J67rMkr1yuG7cg546di8R yZY2WcYF/hnY0DOKi4aOt++/POnYvuOLAXXivinfmfVv/b/7uyCnH+0U3nx+fAj+ S6ys/R3i99NxOm5mOHHGTD0JYqZT8H61G3yqmMN7HnMKJBhyZ0iG9/IXhDfmjCBw lz/2LRTauIgO399IxRLV+ccsYK2peHYtKs9D0QwmDNRcdXNCQM4yMwKN+0PgQDCc pkcJ/GeTbUqU =Ai24 -----END PGP SIGNATURE-----
--- End Message ---
