Your message dated Thu, 26 Mar 2015 19:18:34 +0000 with message-id <e1ybdiy-0002zq...@franck.debian.org> and subject line Bug#781228: fixed in freexl 1.0.0g-1+deb8u1 has caused the Debian Bug report #781228, regarding freexl: Multiple vulnerabilitities to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 781228: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781228 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: freexl Severity: grave Tags: security Justification: user security hole Hi, multiple vulnerabilities have been found in freexl. Please see this posting on oss-security for additional details: http://www.openwall.com/lists/oss-security/2015/03/25/1 This is fixed in experimental, but since we're in freeze, testing should rather be fixed with a targeted upload to sid plus unblock. (A patch set and reproducers are linked from the oss-security posting). Cheers, Moritz
--- End Message ---
--- Begin Message ---Source: freexl Source-Version: 1.0.0g-1+deb8u1 We believe that the bug you reported is fixed in the latest version of freexl, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 781...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Bas Couwenberg <sebas...@debian.org> (supplier of updated freexl package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 26 Mar 2015 11:44:10 +0100 Source: freexl Binary: libfreexl-dev libfreexl1 libfreexl1-dbg Architecture: source amd64 Version: 1.0.0g-1+deb8u1 Distribution: unstable Urgency: high Maintainer: Debian GIS Project <pkg-grass-devel@lists.alioth.debian.org> Changed-By: Bas Couwenberg <sebas...@debian.org> Description: libfreexl-dev - library for direct reading of Microsoft Excel spreadsheets - deve libfreexl1 - library for direct reading of Microsoft Excel spreadsheets libfreexl1-dbg - library for direct reading of Microsoft Excel spreadsheets - debu Closes: 781228 Changes: freexl (1.0.0g-1+deb8u1) unstable; urgency=high . * Update my email to @debian.org address. * Specify jessie branch in Vcs-Git field. * Add patch to fix vulnerabilities identified by American Fuzzy Lop. (closes: #781228) Checksums-Sha1: eb8d4cd994b771486034f32c4a743cf06fb7236a 2134 freexl_1.0.0g-1+deb8u1.dsc 8af5485b9767a2cb7394651d0b77a29be5db35ff 11844 freexl_1.0.0g-1+deb8u1.debian.tar.xz 37139624f4cac6eb081c0fcd87b2d479cb459a49 30698 libfreexl-dev_1.0.0g-1+deb8u1_amd64.deb 543e0ded4b216d886449c9802b2cab36b8d342f8 26356 libfreexl1_1.0.0g-1+deb8u1_amd64.deb bacdcef2f6a21d627032db99553822a9c49aacfc 55514 libfreexl1-dbg_1.0.0g-1+deb8u1_amd64.deb Checksums-Sha256: 9b9c254e222474ffcebf11f1764fdd4e46419f5a4a3ed638b7313df320162042 2134 freexl_1.0.0g-1+deb8u1.dsc 62adb72caeab70f9539fa0cc06f48646c63fde4f17d9df16dbef79d5d7b66f1e 11844 freexl_1.0.0g-1+deb8u1.debian.tar.xz 2dc3937df9fc66863199793e1c91466bd6678b837d371d9fa94fbe2f84b2d3e9 30698 libfreexl-dev_1.0.0g-1+deb8u1_amd64.deb d065eeefa3b0815e439ebf6b5f8fda9ee8cbf46513fe41bcab81ce607e94a84d 26356 libfreexl1_1.0.0g-1+deb8u1_amd64.deb 3ff74422550b3612bf096d3dca5aa09cebaf38990f10f3df53c402f4220ee10d 55514 libfreexl1-dbg_1.0.0g-1+deb8u1_amd64.deb Files: 569051121a3e1df00fb90da1a7c5a326 2134 libs optional freexl_1.0.0g-1+deb8u1.dsc dc432498bd953f695aeeb68843b16633 11844 libs optional freexl_1.0.0g-1+deb8u1.debian.tar.xz c59f74e2e8b2551648c5ab012940cbcf 30698 libdevel optional libfreexl-dev_1.0.0g-1+deb8u1_amd64.deb f73790f456a4f35a5e5141bb3f7cd8a8 26356 libs optional libfreexl1_1.0.0g-1+deb8u1_amd64.deb 087e0994d4f14a3ccf8813b26ed5793f 55514 debug extra libfreexl1-dbg_1.0.0g-1+deb8u1_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCgAGBQJVFFreAAoJEGdQ8QrojUrxwagP/0XfY9gD0e0XJHESb2V5jP2N pnJtjpvnpgTPBX0RJqPUGa8r0j+25lUjSZ53JOaMT/JC5pQgVfAQzrtlZHnM963g r/veN8w4vKZjK51T6gddwtq5/Z93zv2+dSyme304qFBmUydsvmdx1LJR7GZ624jK aHuIc14gLs8Cp/Kg7dhYuCaRIMw0a5UqWUz7d6XAg9p+KrPpkrgJyaKUpYLJt/VL HqZBhiRwLFTdvrTr+9jCucRqHYYxnmzuORac+8HNR/nIHfsLaTXqnu+YEjF9aKw7 up0lY9nNdfNNlQdvYtwJHREZqE9x7741/YuacEudBzzgXzDgt0rb/6y7/LA95lEO P+uUQzkn5Benx5X4eK54FPYi/i72YzIwS0L2GXLrlYcpWWVT1YOxXCEwllKxgeN3 bfO3w3SU95zboadOgsBapPnhFu1ENYNuSxrbKxwRAqNvHCQjSCuW9OPjxlZUANkT /kK54BnSFOpMjQ4yaDUnhNqB0UwAUxnKiuF2JxcL9XFbiXBqJDrW2l0zsBkDeVHo Crw2jBKNeNgyIWuzZg5u8sFUQGSiSjOH7zSn90CXQXuQI1kvVV0lEsZp0nLRT5B5 C18TLN9P1HvNJ4eo2obB7RrVPsMSbMlWSDWmIp/y6uI3DJXUw1/n6JLsdOBSkK9d l5IghArpYsq6MtQau386 =l0ik -----END PGP SIGNATURE-----
--- End Message ---
_______________________________________________ Pkg-grass-devel mailing list Pkg-grass-devel@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-grass-devel
