Your message dated Mon, 26 Jun 2017 22:47:08 +0000 with message-id <e1dpcmi-0009tb...@fasolo.debian.org> and subject line Bug#864195: fixed in libopenmpt 0.2.7386~beta20.3-3+deb9u1 has caused the Debian Bug report #864195, regarding libopenmpt: Security updates libopenmpt-0.2.7386-beta20.3-p7 available to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 864195: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864195 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: libopenmpt Version: 0.2.7386~beta20.3-3 Severity: important Tags: upstream Dear Maintainer, A couple of security-related fixes have been released upstream as version 0.2.7386-beta20.3-p7. See https://lib.openmpt.org/libopenmpt/md_announce-2017-06-02.html . These most importantly fix a couple of possible crashes which can be triggered by maliciously modified or malformed or truncated module files as well as denial-of-service through hangs or excessive CPU consumption which can also be triggered maliciously modfied or malformed or truncated module files. -- System Information: Debian Release: 9.0 APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.9.0-3-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)
--- End Message ---
--- Begin Message ---Source: libopenmpt Source-Version: 0.2.7386~beta20.3-3+deb9u1 We believe that the bug you reported is fixed in the latest version of libopenmpt, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 864...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. James Cowgill <jcowg...@debian.org> (supplier of updated libopenmpt package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 20 Jun 2017 08:58:50 +0100 Source: libopenmpt Binary: openmpt123 libopenmpt0 libopenmpt-dev libopenmpt-doc libopenmpt-modplug1 libopenmpt-modplug-dev Architecture: source Version: 0.2.7386~beta20.3-3+deb9u1 Distribution: stretch Urgency: medium Maintainer: Debian Multimedia Maintainers <pkg-multimedia-maintainers@lists.alioth.debian.org> Changed-By: James Cowgill <jcowg...@debian.org> Description: libopenmpt-dev - module music library based on OpenMPT -- development files libopenmpt-doc - module music library based on OpenMPT -- documentation libopenmpt-modplug-dev - module music library based on OpenMPT -- modplug compat developme libopenmpt-modplug1 - module music library based on OpenMPT -- modplug compat library libopenmpt0 - module music library based on OpenMPT -- shared library openmpt123 - module music library based on OpenMPT -- music player Closes: 864195 Changes: libopenmpt (0.2.7386~beta20.3-3+deb9u1) stretch; urgency=medium . * Add various security patches (Closes: #864195). - up1: Division by zero in temp calculation. - up2: Infinite loop with cyclic plugin routing. - up3: Excessive CPU consumption on malformed DMF and MDL files. - up5: Excessive CPU consumption on malformed AMS files. - up6: Invalid memory read when applying NNAs to effect plugins. Checksums-Sha1: 573b6ee36f377b672be218695ac376ab189ad156 2721 libopenmpt_0.2.7386~beta20.3-3+deb9u1.dsc 0d9fc1da11c23179c078fbaba95d37d34399a917 14504 libopenmpt_0.2.7386~beta20.3-3+deb9u1.debian.tar.xz 1ff23df5959b7637683ccc1f641784d4f2926ec5 5688 libopenmpt_0.2.7386~beta20.3-3+deb9u1_source.buildinfo Checksums-Sha256: ab1faa249f38fbd8e164f13e5f9b7e58014cc8db57098ac7e4aa1e4f3d2dda2f 2721 libopenmpt_0.2.7386~beta20.3-3+deb9u1.dsc 6ee155da2727629116985258cd0f694aa06e5087ec6d88344db7903d69962570 14504 libopenmpt_0.2.7386~beta20.3-3+deb9u1.debian.tar.xz 25884de9a4ae6f2f9703b812289e1ffcd6a91866a6c16b0c6b3fcefe92101258 5688 libopenmpt_0.2.7386~beta20.3-3+deb9u1_source.buildinfo Files: 4a77ca456a53a8c6f15959fcb2aebd5d 2721 libs optional libopenmpt_0.2.7386~beta20.3-3+deb9u1.dsc df466fe8b734e7d1260bba79e6d006d4 14504 libs optional libopenmpt_0.2.7386~beta20.3-3+deb9u1.debian.tar.xz 664a15de4ead25417249aeadf1711c5b 5688 libs optional libopenmpt_0.2.7386~beta20.3-3+deb9u1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQJIBAEBCgAyFiEE+Ixt5DaZ6POztUwQx/FnbeotAe8FAllQ4E4UHGpjb3dnaWxs QGRlYmlhbi5vcmcACgkQx/FnbeotAe/wmhAApBKnvAKmCg6CFzChtUiufobRHK9b shVs2LYPvzYM8kXap3QnRAvisKIUdFs4VzD3xknniuVrYs5ijJ9Vu+LBmTJzd5gH GMySFHNq5FaAPzHtTefhQfn+gJHlBDk5/bnIfqbue7U20FwN9sQikijBbbdn9Yir YDcrrCGLjs1EaawhBTRlP9mQQ6zvkuURo4Pk6K2R3H2GcxuknaJ0a9CIqQC3LBFx Hrij4EEMzzwjY/iTo1WxGO800j0Dwm3Y6GHSzEnrb4uAP1JSbqp7mOTO81RnzAQp G8W6Tv2eS8gBLZ1LOegJ5DONv5T2OxfD7BKP9GiJ42VDpEKfJXXNy5TbFBB+Ht75 aiUarbJ+3UJz7r/IqcgouNppanBWiQVpSEKcm1roPKdiP5YVTiLlEeEXCxYs0+Fy pNRg6fb+BuGvUIRfe/+luGygavLHAG9gFVdwnx354Kcwt9YMDIwVk7TIS0n9eQPJ 7a+shMNLltrLXfghP+3wahv46JiyY3zWfI3OLfZ3+CSq71qHVUpgy9BGiSUWZUB4 BVNeN2MxRduZoy6euKgl5x2IggGaYVLtN5Ob3wAK4uMO0B+6YCX4Afh6UsJm3YPs nTOPLwquHlFJfhAVASA27p8Vaq1BXgWMFHcLnL+zk3K5kqfK4gU77BF3ca2tn7e1 CyFDpX3ZjZVVgLM= =GLe7 -----END PGP SIGNATURE-----
--- End Message ---
_______________________________________________ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers
