Bug#864195: libopenmpt: Security updates libopenmpt-0.2.7386-beta20.3-p7 available

2017-06-08 Thread Jörn Heusipp
Hi, On 06/07/2017 11:45 AM, James Cowgill wrote: On 05/06/17 07:03, Jörn Heusipp wrote: A couple of security-related fixes have been released upstream as version 0.2.7386-beta20.3-p7. See https://lib.openmpt.org/libopenmpt/md_announce-2017-06-02.html These most importantly fix a couple of

Bug#864415: [inkscape] crash while rotating with snap to path

2017-06-08 Thread Carsten Knoll
Package: inkscape Version: 0.92.1-1 Severity: serious --- Please enter the report below this line. --- Reproducible crash when rotating a line whish should snap to another line (path). See video: https://vimeo.com//220771887 About Dialog says w.r.t. version: Inkscape 0.92.1 r15371 If it

Holen Sie sich einen neuen Job Heute

2017-06-08 Thread display
Hi, Wollen Sie wissen, wie Sie Geld mit Trading machen? Ingrid Fox ist genau der Richtige, um Ihnen zu zeigen, wie das geht. Sein Swiss Method bringt all seinen Nutzern ca. 2.200 tglich. Wie der Name der App schon andeutet, basiert der Algorithmus, den er entwickelt hat, auf dem Handeln mit

Bug#864195: libopenmpt: Security updates libopenmpt-0.2.7386-beta20.3-p7 available

2017-06-08 Thread Johannes Schultz
I don't understand patch p6 well enough to say how serious it is (depends on where the invalid pointer being dereferenced comes from). As far as I know, it is just a NULL pointer. Johannes did the analysis and might be able to elaborate (CCed). Correct. I am not sure if it is possible at

[bts-link] source package mpv

2017-06-08 Thread bts-link-upstream
# # bts-link upstream status pull for source package mpv # see http://lists.debian.org/debian-devel-announce/2006/05/msg1.html # user bts-link-upstr...@lists.alioth.debian.org # remote status report for #864042 (http://bugs.debian.org/864042) # Bug title: Tries to allocate zero-length DRM

Bug#864195: libopenmpt: Security updates libopenmpt-0.2.7386-beta20.3-p7 available

2017-06-08 Thread James Cowgill
Hi, On 08/06/17 13:23, Johannes Schultz wrote: >>> I don't understand patch p6 well enough to say how >>> serious it is (depends on where the invalid pointer being dereferenced >>> comes from). >> >> As far as I know, it is just a NULL pointer. Johannes did the analysis >> and might be able to

Processed: severity of 864415 is important

2017-06-08 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org: > # I don't deem such a crash RC > severity 864415 important Bug #864415 [inkscape] [inkscape] crash while rotating with snap to path Severity set to 'important' from 'serious' > # talking to upstream right now… > End of message, stopping

Bug#864195: libopenmpt: Security updates libopenmpt-0.2.7386-beta20.3-p7 available

2017-06-08 Thread Johannes Schultz
Hi, I guess it depends on what you define as "reasonable". Depending on the malformed file and setup, they may take minutes to load (given that enough (virtual) memory is available to load all the truncated samples). The test cases that were generated by American Fuzzy Lop were about 5KB in