Your message dated Mon, 22 Dec 2014 21:35:06 +0000 with message-id <e1y3ad8-0007ez...@franck.debian.org> and subject line Bug#772811: fixed in unrtf 0.21.5-2 has caused the Debian Bug report #772811, regarding unrtf: CVE-2014-9274 CVE-2014-9275 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 772811: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=772811 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: unrtf Severity: grave Tags: security Please see http://www.openwall.com/lists/oss-security/2014/12/03/4 for more information and references to patches. Cheers, Moritz
--- End Message ---
--- Begin Message ---Source: unrtf Source-Version: 0.21.5-2 We believe that the bug you reported is fixed in the latest version of unrtf, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 772...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Willi Mann <wi...@debian.org> (supplier of updated unrtf package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Mon, 22 Dec 2014 20:20:33 +0100 Source: unrtf Binary: unrtf Architecture: source Version: 0.21.5-2 Distribution: unstable Urgency: medium Maintainer: Willi Mann <wi...@debian.org> Changed-By: Willi Mann <wi...@debian.org> Description: unrtf - RTF to other formats converter Closes: 772811 Changes: unrtf (0.21.5-2) unstable; urgency=medium . * Security fixes, closes: #772811 - Fix CVE-2014-9274: check that accesses to color table stay within bounds - Fix CVE-2014-9275: various crashes * possible security fixes: - Fix Invalid read of size 4 in attr_get_param - attr_get_param(): Silence a warning message again Checksums-Sha1: a3b1b1c30b53c6964b3dd6b634b7ac79d8e5e0bf 1826 unrtf_0.21.5-2.dsc c842d255fe4f58fd59087539c56dc3341c38e91a 6520 unrtf_0.21.5-2.debian.tar.xz Checksums-Sha256: 85e884cc33ae1263da85ae2187171be22a115d47e812f80717e761289d694b78 1826 unrtf_0.21.5-2.dsc aa5ed95dc62d1644a70bb865dbb4b49f27bee0e1f6f5ef1f45b4482c6257e968 6520 unrtf_0.21.5-2.debian.tar.xz Files: 9143fb7be2e7cd092da5d9795cdf9528 1826 text optional unrtf_0.21.5-2.dsc 72e895914d6f25ad7835d2c85733e9a1 6520 text optional unrtf_0.21.5-2.debian.tar.xz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJUmHd7AAoJEIy+IZx0V22BW90QAIxnbPaO4+ZeyLEfTWADOfWl HXMF05gAvoHEtE9XCAwljmd0yszt+JvlC5NJ9bKuBlTx4p4H5QpvnXvd4ToN0QY+ ltERpuy9z0uHN/lQdv5cMGu2NPRrKxxgYYZHH9JfDggK1PcHRZMJnX12/Mj3GxMf 4rJ936CiYpvGbl4YEGfzAZSvSJ5eLZgiKkP6Z1wItexoIQfw/l3RJcochBLh/YVo PpWvxtwO6kV0vl5WAcOKHx35WSfO7RUQuXHz12+5Agwg3i5EZa7qZ3zvrjcz3fTi 20FPdjLNkOUlJw2D5pU8sMrjAIsHVh+2p8MTo0++AqHZLnUUbPsaqd1QGNWL1iWm EtMFCF7Asi1V6WfelezdTwWs5HBFxzAzbz5C8eomHI9I7yv0mn51LEJalVWBTG4Q Ao0+5S6afQ3jKwRCn78jRGo7c5qG9A9cjsZZyMCIRoc3Izsy7nt7LUsfoWfkB3nv zGzc9OmL/Dc8Eclw/PGF2U7qT7XGNHJJLJafVFsI0JJK+NzWYuOJYFMEfxQCTEAf fosMqAq86UID6AgT03qihpJb1tsy4fP1WhdwvGKRvfCnXAuzMjby3XOoG+CaV0zj 7SP05WpySaxOfwTz0EnHLAn9widgjAIEGyJm1UvXiF2xfjSpwWKk/+0JV/djaYTO u/rQfVGcjgHE4/ZGCich =/app -----END PGP SIGNATURE-----
--- End Message ---
