Your message dated Sun, 19 Jan 2025 20:41:07 +0000
with message-id <e1tzc6v-00cbul...@fasolo.debian.org>
and subject line Bug#1093384: fixed in ratfor 1.07-1
has caused the Debian Bug report #1093384,
regarding ratfor: CVE-2024-55577
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1093384: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1093384
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: ratfor
Version: 1.06-1
Severity: important
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org>
Hi,
The following vulnerability was published for ratfor.
CVE-2024-55577[0]:
| Stack-based buffer overflow vulnerability exists in Linux Ratfor
| 1.06 and earlier. When the software processes a file which is
| specially crafted by an attacker, arbitrary code may be executed. As
| a result, the attacker may obtain or alter information of the user
| environment or cause the user environment to become unusable.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2024-55577
https://www.cve.org/CVERecord?id=CVE-2024-55577
[1] https://jvn.jp/en/vu/JVNVU92217718/
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: ratfor
Source-Version: 1.07-1
Done: Ole Streicher <oleb...@debian.org>
We believe that the bug you reported is fixed in the latest version of
ratfor, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 1093...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Ole Streicher <oleb...@debian.org> (supplier of updated ratfor package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 19 Jan 2025 11:33:24 +0100
Source: ratfor
Architecture: source
Version: 1.07-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Science Team
<debian-science-maintain...@lists.alioth.debian.org>
Changed-By: Ole Streicher <oleb...@debian.org>
Closes: 1093384
Changes:
ratfor (1.07-1) unstable; urgency=medium
.
* New upstream version 1.07. Closes: 1093384
* Rediff patches
Checksums-Sha1:
1a28a1950cde4634a79e5ffbef22e6adbc1ce4d8 1965 ratfor_1.07-1.dsc
0a49bec54fe4e73a3a6b897e0433caa6f3cc142c 106690 ratfor_1.07.orig.tar.gz
c481b4d550ea4d3cf56788996001da046a46a086 4816 ratfor_1.07-1.debian.tar.xz
Checksums-Sha256:
65ec8df7e0f82400638b1ed4786ff7fecf7852dcddcf2977dbb9770d35df7f42 1965
ratfor_1.07-1.dsc
943b5de328d7b890cb444b17fb7dab656ffaa0d388c7d40b649d34b736b137ff 106690
ratfor_1.07.orig.tar.gz
4789fffefd1a2567a8d6c7d7f5232544ea9007e676584e2ee27e28701fb1ba5b 4816
ratfor_1.07-1.debian.tar.xz
Files:
c6435ad9d7064b01818ddf53be6e0271 1965 devel optional ratfor_1.07-1.dsc
43b0c64f1810e7064bbc2a33c7c49d2c 106690 devel optional ratfor_1.07.orig.tar.gz
fede6e046ec897b408714bba4d92e81c 4816 devel optional
ratfor_1.07-1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE7/BpV0Ra2/h0L3qtmk9WvbkOGL0FAmeNWXsACgkQmk9WvbkO
GL16wRAAk3AybCacky8p1VRZdcjwxL101GBa0os7xwluA0TCue9DlXKfl/JwhsV7
CuE7svgtOQyt82Bz6aqRUtYHp+l8C2cW97TGd8A++M8VlXjwnwgkExLVnnhs1MEs
g7SoXQ7QFogpzDcKrjbGFBrrAah9xItnPxpbV1wIGtm9JRYzpn2GCpRaMu7W0ocx
niXvQaGXqyuYGAb6mZorbxPG8skmPzB3Nk3Omm0O93klhp2El+uCmJP6/yVx1aIf
04+4wlklQkoAfHihDn2QV3saMh2+I/I6Z0eaMd+7Ty7dnK2uhieWqX0srMiwu5hp
/EAbHLQcMYiGP9rXFt54iweB2UyWpZcrWByOe0BE1klk17KcRRhdhbDYsATliTTa
nTnWMHfhL6luaPVPF0ihufU4iKCsJl2T35mauj/Xc4wxItjRrcOSSz9EvTGt9HR9
3ZeQccUvUf9OUGQ6lmRL74hAS6kQGyqjnHoR84GUximusWnNkjb7vfHDn93Dt4oR
xwaQ0b3ShlAkjnBftySOf9L8JBvQzRx/eptMrIu7B2sakmkEylVVtKGPtQYemB6Q
pIX8aq68Y62fdQuSeQ4nGAiQ/jPi5H79e6Pk8AL9IpDW2idx+66lNnITgwjBVdwC
9fuK5IaN4ZWeBCOecwfvyMRIxmV3fc796dVL+53d55GbXRJqy1g=
=RlTA
-----END PGP SIGNATURE-----
pgpjuA8Mow_Jp.pgp
Description: PGP signature
--- End Message ---
--
debian-science-maintainers mailing list
debian-science-maintainers@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-science-maintainers
