Your message dated Thu, 16 Mar 2006 02:02:11 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#349794: fixed in unzip 5.52-7
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: unzip
Version: 5.52-1sarge3
Severity: grave
Tags: security
http://www.securityfocus.com/bid/15968
Thanks,
-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.6.8-2-686-smp
Locale: LANG=en_US.ISO-8859-1, LC_CTYPE=en_US.ISO-8859-1 (charmap=ISO-8859-1)
(ignored: LC_ALL set to en_US.ISO-8859-1)
Versions of packages unzip depends on:
ii libc6 2.3.2.ds1-22 GNU C Library: Shared libraries an
-- no debconf information
--
-----------------------------------------------------------------
| ,''`. Stephen Gran |
| : :' : [EMAIL PROTECTED] |
| `. `' Debian user, admin, and developer |
| `- http://www.debian.org |
-----------------------------------------------------------------
signature.asc
Description: Digital signature
--- End Message ---
--- Begin Message ---
Source: unzip
Source-Version: 5.52-7
We believe that the bug you reported is fixed in the latest version of
unzip, which is due to be installed in the Debian FTP archive:
unzip_5.52-7.diff.gz
to pool/main/u/unzip/unzip_5.52-7.diff.gz
unzip_5.52-7.dsc
to pool/main/u/unzip/unzip_5.52-7.dsc
unzip_5.52-7_powerpc.deb
to pool/main/u/unzip/unzip_5.52-7_powerpc.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Santiago Vila <[EMAIL PROTECTED]> (supplier of updated unzip package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Thu, 16 Mar 2006 10:31:20 +0100
Source: unzip
Binary: unzip
Architecture: source powerpc
Version: 5.52-7
Distribution: unstable
Urgency: medium
Maintainer: Santiago Vila <[EMAIL PROTECTED]>
Changed-By: Santiago Vila <[EMAIL PROTECTED]>
Description:
unzip - De-archiver for .zip files
Closes: 349794
Changes:
unzip (5.52-7) unstable; urgency=medium
.
* Fixed buffer overflow when insanely long filenames are given on the
command line. Patch from Johnny Lee. Changed some format strings so
that they use 512 characters at most. The "right" fix will be in 5.53,
but this should work well enough for now. Closes: #349794.
* This is CVE-2005-4667.
Files:
40168d21a5f2ff55e13d205e788099da 519 utils optional unzip_5.52-7.dsc
a4108541e834e3d9e9b3d0b39f4325b1 10797 utils optional unzip_5.52-7.diff.gz
345a81de994ab7f7403920049a214978 162454 utils optional unzip_5.52-7_powerpc.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFEGTEYd9Uuvj7yPNYRAhWDAJ0bIBTuJVnttO6Ok0vfW1DdFDXcdgCgufCo
ll7tK2wsoAPDPwNWBDLsgqg=
=sisv
-----END PGP SIGNATURE-----
--- End Message ---
