Your message dated Mon, 06 Nov 2017 19:34:09 +0000 with message-id <e1ebn9t-000aep...@fasolo.debian.org> and subject line Bug#879708: fixed in apr 1.6.3-1 has caused the Debian Bug report #879708, regarding apr: CVE-2017-12613 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 879708: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=879708 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: apr-util Severity: important Tags: security I'm sure you're aware, but filing for completeness in the BTS anyway: http://mail-archives.apache.org/mod_mbox/apr-dev/201710.mbox/%3CCACsi252POs4toeJJciwg09_eu2cO3XFg%3DUqsPjXsfjDoeC3-UQ%40mail.gmail.com%3E Cheers, Moritz
--- End Message ---
--- Begin Message ---Source: apr Source-Version: 1.6.3-1 We believe that the bug you reported is fixed in the latest version of apr, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 879...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Stefan Fritsch <s...@debian.org> (supplier of updated apr package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 06 Nov 2017 20:07:42 +0100 Source: apr Binary: libapr1 libapr1-dev libapr1-dbg Architecture: source amd64 Version: 1.6.3-1 Distribution: unstable Urgency: medium Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org> Changed-By: Stefan Fritsch <s...@debian.org> Description: libapr1 - Apache Portable Runtime Library libapr1-dbg - Apache Portable Runtime Library - Debugging Symbols libapr1-dev - Apache Portable Runtime Library - Development Headers Closes: 879708 Changes: apr (1.6.3-1) unstable; urgency=medium . * New upstream version - Fixes CVE-2017-12613: Out-of-bounds array deref in apr_time_exp* functions. Closes: #879708 * Replace obsolete priority extra with optional. Checksums-Sha1: 7548e0ff3d9d67b894681daf411d13114381eb85 2319 apr_1.6.3-1.dsc 4f3aa8d8204a2674868b9d485c11349e1848987d 854100 apr_1.6.3.orig.tar.bz2 96e88e4f07335053be605bf6f3983103b6da6926 801 apr_1.6.3.orig.tar.bz2.asc 45a03eae5cedd38d055fd9f577c85d6fb48c4e28 212956 apr_1.6.3-1.debian.tar.xz 48a20b6f0906b0c5c97ec538d6495db1df558fa1 6831 apr_1.6.3-1_amd64.buildinfo 5ae8a697e3ed1b5a34d9cd574aa9740e073cb542 288080 libapr1-dbg_1.6.3-1_amd64.deb 43d76fa2ddf1eea56c6cc863087339f7bcdbeb1b 704048 libapr1-dev_1.6.3-1_amd64.deb c15c2efe778f03c19d01769d998daf0bf298696a 100436 libapr1_1.6.3-1_amd64.deb Checksums-Sha256: 4053fe879e73b58b85b9faef47f88f3f2f5b416ea57df2eb9617e6313e16b33d 2319 apr_1.6.3-1.dsc 131f06d16d7aabd097fa992a33eec2b6af3962f93e6d570a9bd4d85e95993172 854100 apr_1.6.3.orig.tar.bz2 33db39162f7ca9acdccaa4f19630a67045542791b262116d3512c8b5d7c3fca1 801 apr_1.6.3.orig.tar.bz2.asc 81c13e7277db373f6b72279caa576c9cd91a9902c8798d628e2c2d504962eb8e 212956 apr_1.6.3-1.debian.tar.xz 13c8fdd1eb75a3712388efd0c324fa522b255fa554b8c0c8510a08bc0f2e7926 6831 apr_1.6.3-1_amd64.buildinfo 2c3c43573a2c3129b44faa38ba133c436d199004e946ca1d19671efba4936a05 288080 libapr1-dbg_1.6.3-1_amd64.deb 798203f30e4b0c4ee40b499f901e9c9919fea116b40b641b64d913f1756288b2 704048 libapr1-dev_1.6.3-1_amd64.deb db7f608eec6e3354aeb559ac7072bfee5ad0aa982bccf67fa6491eab7cdb0e51 100436 libapr1_1.6.3-1_amd64.deb Files: 5af4f8274f37af1136be6b8053538c62 2319 libs optional apr_1.6.3-1.dsc 12f2a349483ad6f12db49ba01fbfdbfa 854100 libs optional apr_1.6.3.orig.tar.bz2 51443db1316879ba2e0c1ad1f6ca263f 801 libs optional apr_1.6.3.orig.tar.bz2.asc f093d07190bbd8bee385bee6b7dddf95 212956 libs optional apr_1.6.3-1.debian.tar.xz 3b6c62d602bcf2e9749fc1c6513e1280 6831 libs optional apr_1.6.3-1_amd64.buildinfo f99c9f4f7ec5af80ec67e138bf4949fc 288080 debug optional libapr1-dbg_1.6.3-1_amd64.deb 4a449641e30594303c232feb2461be01 704048 libdevel optional libapr1-dev_1.6.3-1_amd64.deb 1502781e8eb5ab32c9154d3b4bde9e7c 100436 libs optional libapr1_1.6.3-1_amd64.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEOpiNza8JqByyYYsxxodfNUHO/eAFAloAs74ACgkQxodfNUHO /eAAJRAAsxO2r+9JW31AYB7W18EjBrnj/MtiKOD1KYY2rHf7Pqe+H8dWP4dUjiOK nIpk9egNJLYS+C78D8DTeFmijdvGw2lTis5cmsh6xYRDpHWklNR+5W2p5xPS+3rI NzEH6CPgcknjIFesazLBfINOF56AcLUEuiGBy3h+vXybB5sv26EdTF8KJmiUIqnV g7ebHdLrnhJPP5UEd2yM3rHmKf8/yj5i+MWGMuQ3nEu/HmXQ3i4sTeDJeRH1WVIj JRPyd/9u7KAOqdzqALmJJYUlUUGqtyLOgim/fzkMn6I0rzBhEVCb4V7P/SiTCpdZ aZpnL6XvIxwNoLLbk7dESZsTpBkmtlqB+rDiosqeFz7Z9++EgiGhmoo1SG9jL70l WDg1SkYZVHuZUScqSRvumQzwmscMPWDiB8PP/Xb8DTHEyEK+3PC+r/8rJIJJFrG/ XBT9owhuVQM5SZ1r97YXySUChd5aJI2l1ZTWXoDsXrvr69OVhV4zLckzVEpAiiID a37eba2ZSTLTj3B1cmf2jmmZ56anWLunqkPQTFa1O455CkB9W8pksFxprUyyjmUj Ca+7d8mPICqRmhZE79Xi3cQspu9YGBOjcKrOC8Wm3uC92iNcZUpZ7R95ED8CY+gE kdM+11NpXnSdAD3HKLzwv/Ic28X5KOBxWdUWSILKI99EZKzvdpI= =odcT -----END PGP SIGNATURE-----
--- End Message ---
