Your message dated Tue, 03 Oct 2017 09:05:49 +0000 with message-id <e1dzj9b-000fju...@fasolo.debian.org> and subject line Bug#876535: fixed in openjpeg2 2.2.0-2 has caused the Debian Bug report #876535, regarding openjpeg2: Incoorporate lost changelogs (and possibly changes) for NMUs 2.1.2-1.1, 2.1.2-1.2 and 2.1.2-1.3 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 876535: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876535 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: openjpeg2 Version: 2.2.0-1 Severity: normal Hi Mathieu, There was an update for openjpeg2 not incoorporating the NMU changelog for 2.1.2-1.1, 2.1.2-1.2 and 2.1.2-1.3. Please consider incorporating those again (and double check no change was lost, I guess not that all should in meanwhile be included in 2.2.0, but for #851422 I'm unsure if it was fully covered, see the respective upstream issues which only partially landed in 2.2.0). Specifically there were some CVEs addressed, which are hopefully still be fixed in 2.2.0-1, the FTBFS defintively seems so. ----cut---------cut---------cut---------cut---------cut---------cut----- diff -Nru openjpeg2-2.1.2/debian/changelog openjpeg2-2.2.0/debian/changelog --- openjpeg2-2.1.2/debian/changelog 2017-08-12 15:54:38.000000000 +0200 +++ openjpeg2-2.2.0/debian/changelog 2017-09-22 21:51:36.000000000 +0200 @@ -1,26 +1,13 @@ -openjpeg2 (2.1.2-1.3) unstable; urgency=medium +openjpeg2 (2.2.0-1) unstable; urgency=medium - * Fix FTFBS (Closes: #871905) + * New upstream release. Closes: #872041 + * Fix CVE-2016-9113. Closes: #844552 + * Fix CVE-2016-9114. Closes: #844553 + * Fix CVE-2016-9115. Closes: #844554 + * Fix CVE-2016-9116. Closes: #844555 + * Fix CVE-2016-9117. Closes: #844556 - -- Moritz Muehlenhoff <j...@debian.org> Sat, 12 Aug 2017 15:54:38 +0200 - -openjpeg2 (2.1.2-1.2) unstable; urgency=medium - - * Non-maintainer upload - * Fix CVE-2016-1626, CVE-2016-1628, CVE-2016-5152, CVE-2016-9112 and - CVE-2016-9118.patch - - -- Moritz Muehlenhoff <j...@debian.org> Fri, 11 Aug 2017 22:17:07 +0200 - -openjpeg2 (2.1.2-1.1) unstable; urgency=medium - - * Non-maintainer upload. - * Add CVE-2016-9572_CVE-2016-9573.patch patch. - CVE-2016-9572: NULL pointer dereference in input decoding - CVE-2016-9573: Heap out-of-bounds read due to insufficient check in - imagetopnm(). (Closes: #851422) - - -- Salvatore Bonaccorso <car...@debian.org> Sun, 22 Jan 2017 14:18:13 +0100 + -- Mathieu Malaterre <ma...@debian.org> Fri, 22 Sep 2017 21:51:36 +0200 openjpeg2 (2.1.2-1) unstable; urgency=medium ----cut---------cut---------cut---------cut---------cut---------cut----- Thanks for your time, double-checking and working on openjpeg2! Regards, Salvatore
--- End Message ---
--- Begin Message ---Source: openjpeg2 Source-Version: 2.2.0-2 We believe that the bug you reported is fixed in the latest version of openjpeg2, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 876...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Mathieu Malaterre <ma...@debian.org> (supplier of updated openjpeg2 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Tue, 03 Oct 2017 07:20:44 +0200 Source: openjpeg2 Binary: libopenjp2-7-dev libopenjp2-7 libopenjpip7 libopenjp3d7 libopenjp2-7-dbg libopenjpip-dec-server libopenjpip-viewer libopenjpip-server libopenjp3d-tools libopenjp2-tools Architecture: source Version: 2.2.0-2 Distribution: unstable Urgency: medium Maintainer: Debian PhotoTools Maintainers <pkg-phototools-devel@lists.alioth.debian.org> Changed-By: Mathieu Malaterre <ma...@debian.org> Description: libopenjp2-7 - JPEG 2000 image compression/decompression library libopenjp2-7-dbg - debug symbols for libopenjp2-7, a JPEG 2000 image library libopenjp2-7-dev - development files for OpenJPEG, a JPEG 2000 image library libopenjp2-tools - command-line tools using the JPEG 2000 library libopenjp3d-tools - command-line tools using the JPEG 2000 - 3D library libopenjp3d7 - JP3D (JPEG 2000 / Part 10) image compression/decompression librar libopenjpip-dec-server - tool to allow caching of JPEG 2000 files using JPIP protocol libopenjpip-server - JPIP server for JPEG 2000 files libopenjpip-viewer - JPEG 2000 java based viewer for advanced remote JPIP access libopenjpip7 - JPEG 2000 Interactive Protocol Closes: 876535 Changes: openjpeg2 (2.2.0-2) unstable; urgency=medium . * Fix changelog. Closes: #876535 * Provide openjpeg-2.1 compat symlinks: + usr/include/openjpeg-2.1 + usr/lib/$(DEB_HOST_MULTIARCH)/openjpeg-2.1 Checksums-Sha1: 968129805d89f99dc49fc81997e2e517e58904f4 2786 openjpeg2_2.2.0-2.dsc 8e52faa0da33d4064618a5f8c1f079a421cd6e80 17772 openjpeg2_2.2.0-2.debian.tar.xz 24a8651eefb8dfbfd89654ca7367ab5ec8bba118 12774 openjpeg2_2.2.0-2_source.buildinfo Checksums-Sha256: d457def4421212fc39fe1214d8458fef28b3ab09cc253e5e33d1b0036f93c915 2786 openjpeg2_2.2.0-2.dsc 56866e6d4f0a3e889fa3eb46b355b14e4860e75ed8fa69039d02d08d20df3abe 17772 openjpeg2_2.2.0-2.debian.tar.xz c1269cd9b1ecc8222d935829d58ab65eee7ab3d93181d18c12424cb7e95e12ef 12774 openjpeg2_2.2.0-2_source.buildinfo Files: e9393e2ec2131d96f6e70cab54f5af32 2786 libs optional openjpeg2_2.2.0-2.dsc dd0766c639fc8da309f4f73ad27a2edd 17772 libs optional openjpeg2_2.2.0-2.debian.tar.xz 2618cc81e6077b139ab98f257a33affc 12774 libs optional openjpeg2_2.2.0-2_source.buildinfo -----BEGIN PGP SIGNATURE----- iQJFBAEBCAAvFiEEaTNn/67NjqrNHwY7AXHhgorgk0UFAlnTQ0ERHG1hbGF0QGRl Ymlhbi5vcmcACgkQAXHhgorgk0XF5w/6A5ZobNor1Zq6RJcE+IzlWP71QA2tqzDy 2SBIq1tx9cbXomkGs39zrU+0RQXhgXBwjOc73yo00KX4QWVmN16KxfoZkaGgO4g1 aCbrb2CFbOe8JSzU9Y5sy+BvPilJGzU7SVCKpU7H/H44FkkkwUxh6HzHHJryP4GD PimGXTe5wd30h9AOAAX3IuVaF9Qog+WIgw6Ly5Edit+eah9ItYdKBISfGlogn9p3 eL6s+YSavwwMyfP4LBd829WcfvxkTYKCT5wyK3qDm4WKCbneuNcpWX8JgZ7M6YDJ a0dSuLxxtdJpeAQC7jQ3x514XaxrBucPQTmw8zfb1VIePl5oPvHFPOtSIN+YWOAf FnZM6qnarDT3tN/CTQkPaMekgxovgiNO32fDYkQUsZMuV03a9cYzoSHbvg2pbvsL 7b5i/LHdTAAoUVdi8+qDovA+3Cfe9Pueb3Mp03fsGoCx+T5+F1VY+gPhBqlIF6Mx dJ3z6x/lgiuvAOsxupzlPny9jRbUhzzBeZbvQZeHZ7Vnciz2Q3ygST39+tz3Gomn qVhgWnPNbMzlzJdM56EW+vgErqbUuE5VILCcIY8sjuxcPzzc9AZ19zZaJ0HfuBaj WuJbFth+SzZltcrEzcWiOqNuW4MqHzMxlOXdSSDkiDBAvh5J3OmKntaQgjTqYY9M jtiU+y2cyL0= =Nlfl -----END PGP SIGNATURE-----
--- End Message ---
_______________________________________________ Pkg-phototools-devel mailing list Pkg-phototools-devel@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-phototools-devel
