Bug#895406: libopenmpt: CVE-2018-10017

2018-04-11 Thread James Cowgill
Source: libopenmpt Version: 0.2.7025~beta20.1-1 Severity: grave Tags: security upstream fixed-upstream Hi, libopenmpt 0.3.8 was released with a security update. I requested a CVE and got CVE-2018-10017 assigned for it (the "[Sec]" line in the changelog). https://lib.openmpt.org/libopenmpt/2018/0

Re: Notice of mailing list closure: pkg-multimedia-maintainers

2018-04-11 Thread Mattia Rizzolo
On Wed, Apr 11, 2018 at 09:05:41AM +0100, James Cowgill wrote: > Given that the vast majority of packages are still on the old > lists.alioth.debian.org maintainer address, I think we will need the > list migrated otherwise the team will be screwed. Have I missed something? Mhh, yes indeed. James

Re: Notice of mailing list closure: pkg-multimedia-maintainers

2018-04-11 Thread Reinhard Tartler
Hi Mattia, I am around, but am unsure what to do. Reading through the past mails on this topic on the pkg-multimedia-maintainers mailing list, I thought the plan was to move all packages to use "debian-multimedia@lists.debian.org" as maintainer, and we could safely let go of the alioth list. I may

Re: Notice of mailing list closure: pkg-multimedia-maintainers

2018-04-11 Thread James Cowgill
Hi, On 11/04/18 15:19, Reinhard Tartler wrote: > Hi Mattia, > > I am around, but am unsure what to do. Reading through the past mails on > this topic on the pkg-multimedia-maintainers mailing list, I thought the > plan was to move all packages to use "debian-multimedia@lists.debian.org >

Processing of libopenmpt_0.3.8-1_source.changes

2018-04-11 Thread Debian FTP Masters
libopenmpt_0.3.8-1_source.changes uploaded successfully to localhost along with the files: libopenmpt_0.3.8-1.dsc libopenmpt_0.3.8.orig.tar.gz libopenmpt_0.3.8-1.debian.tar.xz libopenmpt_0.3.8-1_source.buildinfo Greetings, Your Debian queue daemon (running on host usper.debian.org

Bug#895406: marked as done (libopenmpt: CVE-2018-10017)

2018-04-11 Thread Debian Bug Tracking System
Your message dated Wed, 11 Apr 2018 15:51:50 + with message-id and subject line Bug#895406: fixed in libopenmpt 0.3.8-1 has caused the Debian Bug report #895406, regarding libopenmpt: CVE-2018-10017 to be marked as done. This means that you claim that the problem has been dealt with. If this

libopenmpt_0.3.8-1_source.changes ACCEPTED into unstable

2018-04-11 Thread Debian FTP Masters
Accepted: -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 11 Apr 2018 12:19:51 +0100 Source: libopenmpt Binary: openmpt123 libopenmpt0 libopenmpt-dev libopenmpt-doc libopenmpt-modplug1 libopenmpt-modplug-dev Architecture: source Version: 0.3.8-1 Distribution: unstable Ur