Bug#1060407: marked as done (Multiple security issues)

Debian Bug Tracking System Thu, 04 Apr 2024 15:51:18 -0700

Your message dated Thu, 04 Apr 2024 22:47:08 +0000
with message-id <e1rsvrq-00bx14...@fasolo.debian.org>
and subject line Bug#1060407: fixed in gtkwave 3.3.118-0.1~deb12u1
has caused the Debian Bug report #1060407,
regarding Multiple security issues
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1060407: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060407
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Source: gtkwave
Version: 3.3.116-1
Severity: grave
Tags: security
X-Debbugs-Cc: Debian Security Team <t...@security.debian.org>

A very thorough security audit of gtkwave unveiled a total of 82 security
issues in gtkwave, all fixed in 3.3.118:

CVE-2023-32650 CVE-2023-34087 CVE-2023-34436 CVE-2023-35004
CVE-2023-35057 CVE-2023-35128 CVE-2023-35702 CVE-2023-35703
CVE-2023-35704 CVE-2023-35955 CVE-2023-35956 CVE-2023-35957
CVE-2023-35958 CVE-2023-35959 CVE-2023-35960 CVE-2023-35961
CVE-2023-35962 CVE-2023-35963 CVE-2023-35964 CVE-2023-35969
CVE-2023-35970 CVE-2023-35989 CVE-2023-35992 CVE-2023-35994
CVE-2023-35995 CVE-2023-35996 CVE-2023-35997 CVE-2023-36746
CVE-2023-36747 CVE-2023-36861 CVE-2023-36864 CVE-2023-36915
CVE-2023-36916 CVE-2023-37282 CVE-2023-37416 CVE-2023-37417
CVE-2023-37418 CVE-2023-37419 CVE-2023-37420 CVE-2023-37442
CVE-2023-37443 CVE-2023-37444 CVE-2023-37445 CVE-2023-37446
CVE-2023-37447 CVE-2023-37573 CVE-2023-37574 CVE-2023-37575
CVE-2023-37576 CVE-2023-37577 CVE-2023-37578 CVE-2023-37921
CVE-2023-37922 CVE-2023-37923 CVE-2023-38583 CVE-2023-38618
CVE-2023-38619 CVE-2023-38620 CVE-2023-38621 CVE-2023-38622
CVE-2023-38623 CVE-2023-38648 CVE-2023-38649 CVE-2023-38650
CVE-2023-38651 CVE-2023-38652 CVE-2023-38653 CVE-2023-38657
CVE-2023-39234 CVE-2023-39235 CVE-2023-39270 CVE-2023-39271
CVE-2023-39272 CVE-2023-39273 CVE-2023-39274 CVE-2023-39275
CVE-2023-39316 CVE-2023-39317 CVE-2023-39413 CVE-2023-39414
CVE-2023-39443 CVE-2023-39444

Let's first fix unstable and then we can simple build 3.3.118
for stable-security and oldstable-security as well.

Full details in these advisories from TALOS:
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1777
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1783
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1785
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1786
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1789
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1790
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1791
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1792
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1793
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1797
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1798
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1803
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1804
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1805
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1806
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1807
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1810
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1811
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1812
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1813
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1814
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1815
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1816
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1817
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1818
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1819
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1820
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1821
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1822
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1823
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1824
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1826
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1827

Cheers,
        Moritz

--- End Message ---

--- Begin Message ---

Source: gtkwave
Source-Version: 3.3.118-0.1~deb12u1
Done: Adrian Bunk <b...@debian.org>

We believe that the bug you reported is fixed in the latest version of
gtkwave, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1060...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Adrian Bunk <b...@debian.org> (supplier of updated gtkwave package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 28 Mar 2024 08:53:47 +0200
Source: gtkwave
Architecture: source
Version: 3.3.118-0.1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: Debian Electronics Team 
<pkg-electronics-de...@alioth-lists.debian.net>
Changed-By: Adrian Bunk <b...@debian.org>
Closes: 1060407
Changes:
 gtkwave (3.3.118-0.1~deb12u1) bookworm-security; urgency=medium
 .
   * Non-maintainer upload.
   * Rebuild for bookworm-security.
 .
 gtkwave (3.3.118-0.1) unstable; urgency=high
 .
   * Non-maintainer upload.
   * New upstream release.
     - Fixes multiple vulnerabilities:
       CVE-2023-32650, CVE-2023-34087, CVE-2023-34436, CVE-2023-35004,
       CVE-2023-35057, CVE-2023-35128, CVE-2023-35702, CVE-2023-35703,
       CVE-2023-35704, CVE-2023-35955, CVE-2023-35956, CVE-2023-35957,
       CVE-2023-35958, CVE-2023-35959, CVE-2023-35960, CVE-2023-35961,
       CVE-2023-35962, CVE-2023-35963, CVE-2023-35964, CVE-2023-35969,
       CVE-2023-35970, CVE-2023-35989, CVE-2023-35992, CVE-2023-35994,
       CVE-2023-35995, CVE-2023-35996, CVE-2023-35997, CVE-2023-36746,
       CVE-2023-36747, CVE-2023-36861, CVE-2023-36864, CVE-2023-36915,
       CVE-2023-36916, CVE-2023-37282, CVE-2023-37416, CVE-2023-37417,
       CVE-2023-37418, CVE-2023-37419, CVE-2023-37420, CVE-2023-37442,
       CVE-2023-37443, CVE-2023-37444, CVE-2023-37445, CVE-2023-37446,
       CVE-2023-37447, CVE-2023-37573, CVE-2023-37574, CVE-2023-37575,
       CVE-2023-37576, CVE-2023-37577, CVE-2023-37578, CVE-2023-37921,
       CVE-2023-37922, CVE-2023-37923, CVE-2023-38583, CVE-2023-38618,
       CVE-2023-38619, CVE-2023-38620, CVE-2023-38621, CVE-2023-38622,
       CVE-2023-38623, CVE-2023-38648, CVE-2023-38649, CVE-2023-38650,
       CVE-2023-38651, CVE-2023-38652, CVE-2023-38653, CVE-2023-38657,
       CVE-2023-39234, CVE-2023-39235, CVE-2023-39270, CVE-2023-39271,
       CVE-2023-39272, CVE-2023-39273, CVE-2023-39274, CVE-2023-39275,
       CVE-2023-39316, CVE-2023-39317, CVE-2023-39413, CVE-2023-39414,
       CVE-2023-39443, CVE-2023-39444
       (Closes: #1060407)
Checksums-Sha1:
 6f1bbcde6af1b8b3cdc16510d25b5aec1d75d29b 2148 gtkwave_3.3.118-0.1~deb12u1.dsc
 b09261fab198fdd29a67011a55f5d8901a9cb2d7 3330206 gtkwave_3.3.118.orig.tar.gz
 b9fb37b4dac422b8ca0c54534a0b8fdf476d85a1 9220 
gtkwave_3.3.118-0.1~deb12u1.debian.tar.xz
Checksums-Sha256:
 668c273e24a0b4a2fdd0a7f51aa9a1088a1af5259e655981f6e53f598f073bd6 2148 
gtkwave_3.3.118-0.1~deb12u1.dsc
 0f4330c028a2ab3d2f4d4ceeaf6db6925db010c4b6fd52d11022d0e5dea0486a 3330206 
gtkwave_3.3.118.orig.tar.gz
 04c8f1ffcf3a4c18e0c4b6a863c3c2066629ce90afdf749aec4366f881ff3e88 9220 
gtkwave_3.3.118-0.1~deb12u1.debian.tar.xz
Files:
 39e0b7a184eb940924ec2436d8b21ad1 2148 electronics optional 
gtkwave_3.3.118-0.1~deb12u1.dsc
 3a1281bce5fd56e43585773ab07bfd2b 3330206 electronics optional 
gtkwave_3.3.118.orig.tar.gz
 18986e3f9d85fccfcec16e2729e2bf44 9220 electronics optional 
gtkwave_3.3.118-0.1~deb12u1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmYMANQACgkQiNJCh6LY
mLEzWQ/+KhdDKSE2URTSczqEsGuDTvTDuFmbzTchfhVBLr6tXsm60/VW/N+iYkgs
7pdsDIgf2rQqPh6Yv89mQDmWl98+VfiEFZ7rn/xnJY52RCupJcQP/8E63OSRxa33
VvhGbCnG7ddJULENzQ0LD1R/Io8ZvOO0EwBSSuKuT9JtNzpMf9+vHqa/1jk3xsO3
rtxHkU882QI6ZJa4iVYlGSA1GJSTrSF97qJBXAmev+ZbvCoyDJUqrJ4Bx6wq8uSF
0KWyLYcY5C5FnK+gfkfRzyVxf6izaDoixGVJfm3e3NvQDJrPgCtneAGgG1sCVIpx
Xa0wdIKrMDvlfC95gAA6ere/ZyP0GTlv6gpY6C81oxG9I8in9/D9D68azzq99cxB
rLZPl2CJ7Bc9rRaZfQBLei2EaX5AKx4pQVKs3KFpdEXabfP2oorLyezzeuvlciC0
scuvLYrZC4Y/4K9jc4gDVZRBN7ZIwqCH/C+yLa1nSLK4Tz/mxbvn54hWpn1tT7YR
M/6udSZVDyE44xP3BuRs8p2wjoFV3eE8XMSkx4IejLlgQOZms74hxOQUYQeIEqiL
EZ+rg3nxPEpDuYvBHICsMS3tDsr4G64l2ok3eI1YjkmsMhDCL209gaNYZFMdUvoy
cb+eKK5aauhbZRNWQ2vyLy2JEg1NjpISgXTrJRb1BX7KO6Ipz/w=
=OBBD
-----END PGP SIGNATURE-----

pgp9kY7qUPmgb.pgp
Description: PGP signature

--- End Message ---

Bug#1060407: marked as done (Multiple security issues)

Reply via email to