Bug#1060407: marked as done (Multiple security issues)

Debian Bug Tracking System Sun, 07 Apr 2024 10:36:24 -0700

Your message dated Sun, 07 Apr 2024 17:32:30 +0000
with message-id <e1rtwna-008ylf...@fasolo.debian.org>
and subject line Bug#1060407: fixed in gtkwave 3.3.104+really3.3.118-0+deb11u1
has caused the Debian Bug report #1060407,
regarding Multiple security issues
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1060407: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060407
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Source: gtkwave
Version: 3.3.116-1
Severity: grave
Tags: security
X-Debbugs-Cc: Debian Security Team <t...@security.debian.org>

A very thorough security audit of gtkwave unveiled a total of 82 security
issues in gtkwave, all fixed in 3.3.118:

CVE-2023-32650 CVE-2023-34087 CVE-2023-34436 CVE-2023-35004
CVE-2023-35057 CVE-2023-35128 CVE-2023-35702 CVE-2023-35703
CVE-2023-35704 CVE-2023-35955 CVE-2023-35956 CVE-2023-35957
CVE-2023-35958 CVE-2023-35959 CVE-2023-35960 CVE-2023-35961
CVE-2023-35962 CVE-2023-35963 CVE-2023-35964 CVE-2023-35969
CVE-2023-35970 CVE-2023-35989 CVE-2023-35992 CVE-2023-35994
CVE-2023-35995 CVE-2023-35996 CVE-2023-35997 CVE-2023-36746
CVE-2023-36747 CVE-2023-36861 CVE-2023-36864 CVE-2023-36915
CVE-2023-36916 CVE-2023-37282 CVE-2023-37416 CVE-2023-37417
CVE-2023-37418 CVE-2023-37419 CVE-2023-37420 CVE-2023-37442
CVE-2023-37443 CVE-2023-37444 CVE-2023-37445 CVE-2023-37446
CVE-2023-37447 CVE-2023-37573 CVE-2023-37574 CVE-2023-37575
CVE-2023-37576 CVE-2023-37577 CVE-2023-37578 CVE-2023-37921
CVE-2023-37922 CVE-2023-37923 CVE-2023-38583 CVE-2023-38618
CVE-2023-38619 CVE-2023-38620 CVE-2023-38621 CVE-2023-38622
CVE-2023-38623 CVE-2023-38648 CVE-2023-38649 CVE-2023-38650
CVE-2023-38651 CVE-2023-38652 CVE-2023-38653 CVE-2023-38657
CVE-2023-39234 CVE-2023-39235 CVE-2023-39270 CVE-2023-39271
CVE-2023-39272 CVE-2023-39273 CVE-2023-39274 CVE-2023-39275
CVE-2023-39316 CVE-2023-39317 CVE-2023-39413 CVE-2023-39414
CVE-2023-39443 CVE-2023-39444

Let's first fix unstable and then we can simple build 3.3.118
for stable-security and oldstable-security as well.

Full details in these advisories from TALOS:
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1777
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1783
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1785
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1786
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1789
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1790
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1791
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1792
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1793
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1797
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1798
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1803
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1804
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1805
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1806
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1807
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1810
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1811
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1812
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1813
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1814
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1815
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1816
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1817
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1818
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1819
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1820
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1821
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1822
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1823
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1824
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1826
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1827

Cheers,
        Moritz

--- End Message ---

--- Begin Message ---

Source: gtkwave
Source-Version: 3.3.104+really3.3.118-0+deb11u1
Done: Adrian Bunk <b...@debian.org>

We believe that the bug you reported is fixed in the latest version of
gtkwave, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1060...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Adrian Bunk <b...@debian.org> (supplier of updated gtkwave package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 28 Mar 2024 09:23:23 +0200
Source: gtkwave
Architecture: source
Version: 3.3.104+really3.3.118-0+deb11u1
Distribution: bullseye-security
Urgency: medium
Maintainer: Debian Electronics Team 
<pkg-electronics-de...@alioth-lists.debian.net>
Changed-By: Adrian Bunk <b...@debian.org>
Closes: 1060407
Changes:
 gtkwave (3.3.104+really3.3.118-0+deb11u1) bullseye-security; urgency=medium
 .
   * Non-maintainer upload.
   * New upstream release.
     - Fixes multiple vulnerabilities:
       CVE-2023-32650, CVE-2023-34087, CVE-2023-34436, CVE-2023-35004,
       CVE-2023-35057, CVE-2023-35128, CVE-2023-35702, CVE-2023-35703,
       CVE-2023-35704, CVE-2023-35955, CVE-2023-35956, CVE-2023-35957,
       CVE-2023-35958, CVE-2023-35959, CVE-2023-35960, CVE-2023-35961,
       CVE-2023-35962, CVE-2023-35963, CVE-2023-35964, CVE-2023-35969,
       CVE-2023-35970, CVE-2023-35989, CVE-2023-35992, CVE-2023-35994,
       CVE-2023-35995, CVE-2023-35996, CVE-2023-35997, CVE-2023-36746,
       CVE-2023-36747, CVE-2023-36861, CVE-2023-36864, CVE-2023-36915,
       CVE-2023-36916, CVE-2023-37282, CVE-2023-37416, CVE-2023-37417,
       CVE-2023-37418, CVE-2023-37419, CVE-2023-37420, CVE-2023-37442,
       CVE-2023-37443, CVE-2023-37444, CVE-2023-37445, CVE-2023-37446,
       CVE-2023-37447, CVE-2023-37573, CVE-2023-37574, CVE-2023-37575,
       CVE-2023-37576, CVE-2023-37577, CVE-2023-37578, CVE-2023-37921,
       CVE-2023-37922, CVE-2023-37923, CVE-2023-38583, CVE-2023-38618,
       CVE-2023-38619, CVE-2023-38620, CVE-2023-38621, CVE-2023-38622,
       CVE-2023-38623, CVE-2023-38648, CVE-2023-38649, CVE-2023-38650,
       CVE-2023-38651, CVE-2023-38652, CVE-2023-38653, CVE-2023-38657,
       CVE-2023-39234, CVE-2023-39235, CVE-2023-39270, CVE-2023-39271,
       CVE-2023-39272, CVE-2023-39273, CVE-2023-39274, CVE-2023-39275,
       CVE-2023-39316, CVE-2023-39317, CVE-2023-39413, CVE-2023-39414,
       CVE-2023-39443, CVE-2023-39444
       (Closes: #1060407)
   * Readd ghwdump for bullseye.
Checksums-Sha1:
 a32548f54e40c51abe47fa5db8a31e8420b6c744 2210 
gtkwave_3.3.104+really3.3.118-0+deb11u1.dsc
 35da928d360225333c4d408565535c03aec11b95 3507767 
gtkwave_3.3.104+really3.3.118.orig.tar.gz
 d4082a10388b43bb35e685adfb6778356126d7d0 20404 
gtkwave_3.3.104+really3.3.118-0+deb11u1.debian.tar.xz
Checksums-Sha256:
 feafeed66d3d348851c636e707f0efba563f7f8d85f3c67512937ffec7a2bbf6 2210 
gtkwave_3.3.104+really3.3.118-0+deb11u1.dsc
 416d037c1f5f6dfc8fe9d2da87b650d9ebb4e9a7e8714e558ab4ea818eebeaa0 3507767 
gtkwave_3.3.104+really3.3.118.orig.tar.gz
 9af419477a99d389cf675a6f9af4f05ccc8d52fd5518785785bfeae53ff280b3 20404 
gtkwave_3.3.104+really3.3.118-0+deb11u1.debian.tar.xz
Files:
 98e61521f824004d07dbc051a083473b 2210 electronics optional 
gtkwave_3.3.104+really3.3.118-0+deb11u1.dsc
 8960ea5b268e14e1f662b03c3072afb6 3507767 electronics optional 
gtkwave_3.3.104+really3.3.118.orig.tar.gz
 46b874564f95e625ba3c970ac7ab627c 20404 electronics optional 
gtkwave_3.3.104+really3.3.118-0+deb11u1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmYMAXgACgkQiNJCh6LY
mLHHRg/+O8yRdWqfUgKiW+shJl+sBUHoS5Bt8SqRkKWpjwC8wG0kVYIM0hinekFn
UuGTx4VhMqe5kLN2mLtSznYHuehYhOPvEzNKOLx8V7GRsjVOWEx0yhM2CL8bl/Rt
cc5UFmPY40z0g1ixo4iGzewqT3d76pkVj2+yyT1cXUIV2Ws1rgn8pk8IpVQHu30d
hSocTmqpqRSHkq8EXuMlhTV0/f8avT8E2fpAtVYVifdYxVVZ3dkrTJx4FAD1BH8P
xrCjYrCQAFkyJ8ia7/vAqDv6gqox92I7qoxhzDZF1ev7ZFhYhO2H5iGMObYusLrk
Dgx68pPggOvRekJweRIPRpbwSnh9QdASKasyq9Vf1mIguVI3d/PM3gZXqhqQWv54
r/OMGZSrfQ8GTR10GxoDWFNXbAGpfa7KX+QiCORee4Wp8npPUYjQL8JRKhLGKM9x
QgsnXzpKNFmlT9Ke4HaZgF7+tw1nD/UqFc/HyUbQ2DIrQwIHZhu4HPjx/sXPwmEk
C8PWsXR0HJBPWwvBXHnN3xRVkE3aolpfwD6cDhDPKISlh8t+Rlt6SUToJgRptGHJ
0XW7AZM7G2aOlX84SadK3wXpaFvnEw1RbID6lWR/zBt/ZcLzAPYlLQfsGL/SCuFB
h0BzeHo/EOhVttFK5boxIFAOEMD4bKzkV2xKUW092FAk6kshBe4=
=E483
-----END PGP SIGNATURE-----

pgpy6EZmK5qm6.pgp
Description: PGP signature

--- End Message ---

Bug#1060407: marked as done (Multiple security issues)

Reply via email to