Your message dated Fri, 18 Nov 2016 15:02:35 +0000 with message-id <e1c7kgv-00071x...@fasolo.debian.org> and subject line Bug#843434: fixed in terminology 0.7.0-1+deb8u1 has caused the Debian Bug report #843434, regarding terminology: CVE-2015-8971: Escape Sequence Command Execution vulnerability to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 843434: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=843434 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: terminology Version: 0.7.0-1 Severity: grave Tags: security upstream patch Justification: user security hole Hi terminology is suspectible to an escape sequence command execution vulnerability, as described in http://www.openwall.com/lists/oss-security/2016/11/04/12 The CVE has not yet been assigned, will update the subject here once it's done. Regards, Salvatore
--- End Message ---
--- Begin Message ---Source: terminology Source-Version: 0.7.0-1+deb8u1 We believe that the bug you reported is fixed in the latest version of terminology, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 843...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Ross Vandegrift <r...@kallisti.us> (supplier of updated terminology package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sun, 13 Nov 2016 10:04:12 -0500 Source: terminology Binary: terminology terminology-data Architecture: source amd64 all Version: 0.7.0-1+deb8u1 Distribution: jessie-security Urgency: high Maintainer: Anthony F McInerney <afm...@gmail.com> Changed-By: Ross Vandegrift <r...@kallisti.us> Description: terminology - Enlightenment efl based terminal emulator terminology-data - Enlightenment efl based terminal emulator data Closes: 843434 Changes: terminology (0.7.0-1+deb8u1) jessie-security; urgency=high . * Non-maintainer upload. * Fix for "CVE-2015-8971: Escape Sequence Command Execution vulnerability" backported from upstream rev b80bedc. (Closes: #843434) Checksums-Sha1: 742a0e5845b00dbf4dec2bd431ee46b057e15f47 2260 terminology_0.7.0-1+deb8u1.dsc ed695dc07b54149145779fe958a5c00cf17f4051 3624201 terminology_0.7.0.orig.tar.gz 23ddf255a88977e8cb0e41749afa442cdd359c41 10820 terminology_0.7.0-1+deb8u1.debian.tar.xz be95fe79fddc4ad3e878bd221322b845382548d5 139610 terminology_0.7.0-1+deb8u1_amd64.deb 05f86d8c3217d5de03e33c561e5a32ba05e5f1b3 3139598 terminology-data_0.7.0-1+deb8u1_all.deb Checksums-Sha256: 0e1c4e6a857a6daed329307fc8f0eb58463e3656e3b0604c35fbfc84f4f07958 2260 terminology_0.7.0-1+deb8u1.dsc 453f49911b090fffc1e5fe695022bd1c51325dde83b8cd3cca22899c604344f4 3624201 terminology_0.7.0.orig.tar.gz 612cfd8d09d1673da8340ef605934a5b33a3f44ec272acb7114a304243087a32 10820 terminology_0.7.0-1+deb8u1.debian.tar.xz dd6d8eb8e91f9bfcb290b16d3db5b90f5f244ec559d23c272266b7aeebe5afab 139610 terminology_0.7.0-1+deb8u1_amd64.deb 5f7ab5544e70c225c2605202031763b1e0eeec748129d31d2e872bfd0a0f380c 3139598 terminology-data_0.7.0-1+deb8u1_all.deb Files: 66879fd0eb7cd2da30497e113a5aabc0 2260 x11 optional terminology_0.7.0-1+deb8u1.dsc e68d889f343886e11a8e4f4337486452 3624201 x11 optional terminology_0.7.0.orig.tar.gz 791a7ebfe7ba02c9fb904f79a22d664f 10820 x11 optional terminology_0.7.0-1+deb8u1.debian.tar.xz 8525914442edf7ec190435e948eeeb24 139610 x11 optional terminology_0.7.0-1+deb8u1_amd64.deb 5b43bcda651c066250e970d94389215a 3139598 x11 optional terminology-data_0.7.0-1+deb8u1_all.deb -----BEGIN PGP SIGNATURE----- iQIcBAEBCAAGBQJYKKhPAAoJEBDCk7bDfE429TkQAIFTn3yJeQIlaC9dqejzxqyT UcIGXkKRtcCRFGeiPg/gAeJINc0iKAnItBRTVvlI8qi0WCVYRbhrU5pS8zM7XNKP uq0CQ5Z/TYCw2vEeYwHtLBqdc4VaQg06yyEb3Idd4W0gR7EwclVVa6J+wBY7kFXM Kfe/NET7Wily6WJkvw10OnD6zWuPAJeb4Im5tn71Cag0Eg9jTd4XwdgJBohxu8W1 ah9n54SC/lgy3dXTDY8JW35unrh0FLi0tL2k0mIeD7G7h8zDzRonAaRk7mAvkFw/ aAsgXDOf9kJcpCPj9T9B5vM7HQFSzX6k72MSbCOLVBzmVJZiOI7BQOSdWX86p7RQ WfKgZ17lbpFS9DK+mLHROb7NCiMz6dw6WhD0hGQ+ZBMQK5YEvCVEC/pXynAcS2Fu zsTExUzTM3OFO0QoS2/s5cii9zekGKcd1mDH4w4iPm7E/pXBU7xjQSyUQzJJ9k6h q4P+jmU3fP6q98xX0ZWfP2iqAnB98HZ3JiQxfnYHAyrNrIvxj+cbmdrl6TO+0TmX jplqHjMBaHyXcYn6MhC/F5zE0NjdkmOCncikTgOMPA6fZbb0vdOlnKjDyIzXI7Zj H6frcE8VnwG6pYAfrx3Sm58ghcb3ReLyccOqBQbs5b6QZofMs/bBZ4Y5yr8qLqc4 i4DX8wnlrxOHfNmaqVHr =LT5D -----END PGP SIGNATURE-----
--- End Message ---
