Your message dated Sat, 10 Sep 2005 08:51:50 +0200
with message-id <[EMAIL PROTECTED]>
and subject line Bug#327431: chmlib: new upstream version 0.36 fixes major
security problems
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 10 Sep 2005 02:08:44 +0000
>From [EMAIL PROTECTED] Fri Sep 09 19:08:44 2005
Return-path: <[EMAIL PROTECTED]>
Received: from vscan01.westnet.com.au [203.10.1.131]
by spohr.debian.org with esmtp (Exim 3.36 1 (Debian))
id 1EDunL-0004lK-00; Fri, 09 Sep 2005 19:08:44 -0700
Received: from localhost (localhost.localdomain [127.0.0.1])
by localhost (Postfix) with ESMTP id 9E026760323
for <[EMAIL PROTECTED]>; Sat, 10 Sep 2005 10:08:11 +0800 (WST)
Received: from vscan01.westnet.com.au ([127.0.0.1])
by localhost (vscan01.westnet.com.au [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id 12119-16 for <[EMAIL PROTECTED]>;
Sat, 10 Sep 2005 10:08:11 +0800 (WST)
Received: from dsl-202-72-168-241.wa.westnet.com.au
(dsl-202-72-168-241.wa.westnet.com.au [202.72.168.241])
by vscan01.westnet.com.au (Postfix) with ESMTP id 19FBE760285
for <[EMAIL PROTECTED]>; Sat, 10 Sep 2005 10:08:11 +0800 (WST)
Subject: chmlib: new upstream version 0.36 fixes major security problems
From: Paul Wise <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
X-Reportbug-Version: 3.17
X-Debbugs-Cc: Debian Security Team <[EMAIL PROTECTED]>
X-Mutt-Fcc:
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="=-LwAq/qrAEZjFvrEsdMD8"
Date: Sat, 10 Sep 2005 10:08:10 +0800
Message-Id: <[EMAIL PROTECTED]>
Mime-Version: 1.0
X-Mailer: Evolution 2.2.3
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-11.0 required=4.0 tests=BAYES_00,HAS_PACKAGE,
X_DEBBUGS_CC autolearn=ham version=2.60-bugs.debian.org_2005_01_02
--=-LwAq/qrAEZjFvrEsdMD8
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable
Package: chmlib
Version: 0.35-1
Severity: grave
Tags: security
Justification: user security hole
According to the following url, the changes in the new version of chmlib
fix major security issues.
http://freshmeat.net/projects/chmlib/?branch_id=3D22229&release_id=3D206344
MS CHM library 0.36
Updated: Fri, Sep 9th 2005 07:08 PDT (today)
Release focus: Major security fixes
Changes:
A couple of serious security issues have been reported recently which
allowed a carefully-crafted chm file to result in a buffer overflow.
This release fixes these problems. Anyone using an earlier release and
reading chm files from untrusted sources should upgrade to 0.36.
Author:
Jed Wing
Homepage:
http://morte.jedrea.com/~jedwin/projects/chmlib/
New version:
http://morte.jedrea.com/~jedwin/projects/chmlib/chmlib-0.36.tgz
-- System Information:
Debian Release: unstable
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.12-1-k7
Locale: LANG=3Den_AU.UTF-8, LC_CTYPE=3Den_AU.UTF-8 (charmap=3DUTF-8)
Versions of packages chmlib depends on:=20
ii libc6 2.3.5-6 GNU C Library: Shared librarie=
s an
--=20
bye,
pabs
http://wiki.debian.org/PaulWise
--=-LwAq/qrAEZjFvrEsdMD8
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQBDIkAK5Sc9mGvjxCMRAt6QAKDBRayfJdh9abPki5Xv/X2tn/CNwACfQ4e0
m3hJO11mwmCajS921/bD96o=
=/kJG
-----END PGP SIGNATURE-----
--=-LwAq/qrAEZjFvrEsdMD8--
---------------------------------------
Received: (at 327431-done) by bugs.debian.org; 10 Sep 2005 06:51:59 +0000
>From [EMAIL PROTECTED] Fri Sep 09 23:51:59 2005
Return-path: <[EMAIL PROTECTED]>
Received: from smtp2-g19.free.fr [212.27.42.28]
by spohr.debian.org with esmtp (Exim 3.36 1 (Debian))
id 1EDzDS-0004qE-00; Fri, 09 Sep 2005 23:51:59 -0700
Received: from [10.3.3.2] (colombes.speedblue.org [82.224.227.40])
by smtp2-g19.free.fr (Postfix) with ESMTP id DEB8825162;
Sat, 10 Sep 2005 08:51:56 +0200 (CEST)
Message-ID: <[EMAIL PROTECTED]>
Date: Sat, 10 Sep 2005 08:51:50 +0200
From: Julien Lemoine <[EMAIL PROTECTED]>
Organization: Association Happycoders
User-Agent: Debian Thunderbird 1.0.6 (X11/20050802)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Paul Wise <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
Subject: Re: Bug#327431: chmlib: new upstream version 0.36 fixes major security
problems
References: <[EMAIL PROTECTED]>
In-Reply-To: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
Hi Paul,
I uploaded chmlib 0.36 yesterday evening. You can mow get it from
http://incoming.debian.org/,
it will be available in few hours on ftp mirrors.
Best Regards.
Paul Wise wrote:
>Package: chmlib
>Version: 0.35-1
>Severity: grave
>Tags: security
>Justification: user security hole
>
>According to the following url, the changes in the new version of chmlib
>fix major security issues.
>
>http://freshmeat.net/projects/chmlib/?branch_id=22229&release_id=206344
>
>MS CHM library 0.36
>
>Updated: Fri, Sep 9th 2005 07:08 PDT (today)
>
>Release focus: Major security fixes
>
>Changes:
>A couple of serious security issues have been reported recently which
>allowed a carefully-crafted chm file to result in a buffer overflow.
>This release fixes these problems. Anyone using an earlier release and
>reading chm files from untrusted sources should upgrade to 0.36.
>
>Author:
>Jed Wing
>
>Homepage:
>http://morte.jedrea.com/~jedwin/projects/chmlib/
>
>New version:
>http://morte.jedrea.com/~jedwin/projects/chmlib/chmlib-0.36.tgz
>
>-- System Information:
>Debian Release: unstable
> APT prefers unstable
> APT policy: (500, 'unstable'), (1, 'experimental')
>Architecture: i386 (i686)
>Shell: /bin/sh linked to /bin/bash
>Kernel: Linux 2.6.12-1-k7
>Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)
>
>Versions of packages chmlib depends on:
>ii libc6 2.3.5-6 GNU C Library: Shared libraries an
>
>
>
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
