Your message dated Sat, 19 Nov 2016 09:35:20 +0000
with message-id <[email protected]>
and subject line Bug#844344: fixed in p7zip 16.02+dfsg-2
has caused the Debian Bug report #844344,
regarding p7zip: CVE-2016-9296: Null pointer dereference (in 7zIn.cpp)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
844344: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=844344
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: p7zip
Version: 16.02+dfsg-1
Severity: important
Tags: security upstream patch
Forwarded: https://sourceforge.net/p/p7zip/bugs/185/

Hi,

the following vulnerability was published for p7zip.

CVE-2016-9296[0]:
Null pointer dereference in 7zIn.cpp

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2016-9296
[1] https://sourceforge.net/p/p7zip/bugs/185/

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

--- End Message ---
--- Begin Message ---
Source: p7zip
Source-Version: 16.02+dfsg-2

We believe that the bug you reported is fixed in the latest version of
p7zip, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Robert Luberda <[email protected]> (supplier of updated p7zip package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sat, 19 Nov 2016 08:52:29 +0100
Source: p7zip
Binary: p7zip p7zip-full
Architecture: source
Version: 16.02+dfsg-2
Distribution: unstable
Urgency: medium
Maintainer: Robert Luberda <[email protected]>
Changed-By: Robert Luberda <[email protected]>
Description:
 p7zip      - 7zr file archiver with high compression ratio
 p7zip-full - 7z and 7za file archivers with high compression ratio
Closes: 844344
Changes:
 p7zip (16.02+dfsg-2) unstable; urgency=medium
 .
   * Apply upstream patch to fix nullptr dereference (CVE-2016-9296)
     (closes: #844344).
Checksums-Sha1:
 e1bd52554d89652563e246eea620ac13fcc38004 1927 p7zip_16.02+dfsg-2.dsc
 ca1ec44feb8e02359ee43cbed03e383d834c0f6d 20520 p7zip_16.02+dfsg-2.debian.tar.xz
Checksums-Sha256:
 52ca89807d70d8f0d2b5bb0d00110b36459fdcb8818a911162f41517809459bf 1927 
p7zip_16.02+dfsg-2.dsc
 eb23381292f831cf0a7ef38df807e9150ab1861db29a52637a7acb46bde3aae0 20520 
p7zip_16.02+dfsg-2.debian.tar.xz
Files:
 a9390ab4398594855a907b2fc5064a3d 1927 utils optional p7zip_16.02+dfsg-2.dsc
 35781d58ce163a923f01d2596133c06b 20520 utils optional 
p7zip_16.02+dfsg-2.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEENeh2+rTTcy6TtNI3Yx3nVTvor9QFAlgwGSgACgkQYx3nVTvo
r9TsrQ/9FtnCXMFu0U9dzhtEdzrc12sgaMhY0RyQ00FD3YM0VNiN85BWfCHs69Hk
ARBSAU0lNQMVIup+Zf3F5Uk1Ps/8zLHiypa09adWwRqVujBfC5DU3hkQKi3J9/sc
618b1ca6gdDA0hva4VHEhxJtXccIuJ7K5UXxK2W54Ev+zL/wXxaVvLaYU75+yD/b
+uHijEbTe+gLpiEyuy8ff9JNbLNV3cesedXs30NX9YdoFtibjVmjaB9dFDW8KZBb
RCI06CJljGudd5S6o7W+oU5o2xJrPC85Qg2cb+/9GCarOkcd6nEDBPfJCY503x9g
iPeRCYzF7jNdV0ac0uVHziqe1emFGpHCMncvsZGN9L/PHDkbjkF75C7Iu3+dH1de
wLJc3Ib0830Gdwvrbvu6HCxmcaj8vmeiL1gKvM+RUCBApI6LHrlqorv03wzYS9SL
loW8MqXNhXFzq4LU9RrSkGDhLMkYc6cAqQg0soiTkV6VwVyrUtDGntDOPFNGAjXV
Nknr8zOOKvzN7dg4ZtNlfmJ0uRvzwVlS2KsWydLHDwTlywhTyd+zeM7mXAz7UFFf
J/8a/IkDV9rh0ggE3dC+5QAiNbg8IsRhNgc+eC+v2L3fL6IxDX8ERErHiwPuP9kf
CWk444DIbiQZ5lLQbOF60pqMXupNGKyWYNrU6l3E72+7pTNpQt4=
=g2dp
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to