Your message dated Tue, 27 Jan 2015 00:03:31 +0000
with message-id <[email protected]>
and subject line Bug#775536: fixed in elfutils 0.159-4.1
has caused the Debian Bug report #775536,
regarding elfutils: CVE-2014-9447
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
775536: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775536
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: elfutils
Version: 0.159-4
Severity: important
Tags: security
Please see
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9447
for details.
Cheers,
Moritz
--- End Message ---
--- Begin Message ---
Source: elfutils
Source-Version: 0.159-4.1
We believe that the bug you reported is fixed in the latest version of
elfutils, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Michael Gilbert <[email protected]> (supplier of updated elfutils package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 26 Jan 2015 01:49:30 +0000
Source: elfutils
Binary: elfutils libelf1 libelf-dev libdw-dev libdw1 libasm1 libasm-dev
Architecture: source
Version: 0.159-4.1
Distribution: unstable
Urgency: high
Maintainer: Kurt Roeckx <[email protected]>
Changed-By: Michael Gilbert <[email protected]>
Description:
elfutils - collection of utilities to handle ELF objects
libasm-dev - libasm development libraries and header files
libasm1 - library with a programmable assembler interface
libdw-dev - libdw1 development libraries and header files
libdw1 - library that provides access to the DWARF debug information
libelf-dev - libelf1 development libraries and header files
libelf1 - library to read and write ELF files
Closes: 775536
Changes:
elfutils (0.159-4.1) unstable; urgency=high
.
* Non-maintainer upload by the Security Team.
* Fix CVE-2014-9447: path traversal issue in ar (closes: #775536).
Checksums-Sha1:
42be1b5f710c9b5cb6a0dd9699708c6ec3168cf4 2953 elfutils_0.159-4.1.dsc
330d557f5917ef3928dce87daabf2c3974623196 48900 elfutils_0.159-4.1.debian.tar.xz
Checksums-Sha256:
3805b469100d63db466a079bb4b470dabefe518adce5dc6de4918bcde4e76631 2953
elfutils_0.159-4.1.dsc
47039f132fbc0d5107e4e2348d8559f62b317909936e2c1dcf0f5c1625ffbead 48900
elfutils_0.159-4.1.debian.tar.xz
Files:
379515000071898673e12847efff2edb 2953 libs optional elfutils_0.159-4.1.dsc
9407e26f6ab8c95677b56fd639778f5a 48900 libs optional
elfutils_0.159-4.1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQQcBAEBCgAGBQJUxZ9xAAoJELjWss0C1vRzUgUf/iyVkqnlwi8AuQvEDJMZlyaN
juTeBHMRsNZJobxP5G7CciNw5TyfMEGm0/V4DPrHAma8DirEACnPeTYNEPmqedDJ
0KBXOOsacR31sswXe5eRct575AELEQcaRcMwG4YSAp1AAfpBIdrqR5wuBYRBWkPv
VqKhmPoEohyJttcbyEjNgg7fN7DKFKxWhjx4SiMETvx3ngWs+njKGYW8gkAl5Z2B
PlhUg2tsPfySyyOzH9tdpj6OANB0GpN3oXez+LrVUZQR0eEyW76RFBoWwEATohWm
tdTcbu826CZgOY8Wcgb7s7zvUumsqW2OOZIjRj6yMexB5/odemAwFX+r5RHYu3Zb
lHHnYqrPF27qulQurPaW9ydMIdj9NLDDK1EifotKZFc4fM+lbJ1fh3jjXEkG1Gbj
2WdmUMO5YNqoZ5ZYYxsOvOHl0LksLZ0dl3a/yaEQEn8r0IBm0LAjUSC/VG26PZeT
s/7l2/XbRWfIsL5ktm6Y+i3d7aQcjRwBS92wYhOIHUi3kXxPFQspKGA6g7rX3Wur
tlQHlFM+qpOTNlrwgpAUynCunY1laRmUWUmnR4xDCSWlS6AIXaE6rGYK894fQi3V
tFyTZfld3GdOYKO7ArACTzdXTAtu0hgFLE3kNxlAKMhphk5sz8bg+Sx4ZYO4wVjF
V5b/bB0EfROvFLI3eTWoNHupQj3UxaENMWgAYLPv/3mQWOZtIXQbeEsJkabJyz7Q
NjGLOgxGX6ogDJyavzN6f1gMDyoY9WMcsQbmybpd5AtdCAFnQGXXJUrd/LNS83LK
TFZYVfl47V1G4kVf1+kaihOvcZuPZQrD1FmFYU1CK/S94maTStEkK1L14V8F/Rw3
0XW/wBMfq3RIf2pwvJ9Lf1D2GJlldzt1eGVqbC/ZMxc7CgO4EVsGqMifbzaAk0bo
jRyccUtk00HjRLp2sy/Pj0GQMd6eUmne63Y5Du1nkwptZiAFK4DLUWV64q+3AUSO
NUW2FT1W4tuwz5ILIWXbSAUJWrbXyjGjAyLcXBBd/QJPm5q+sr1zX64V16jawEbb
918AiNqtMI2oVGRC7DfSlyUVKG4XYk74UaAFzF6lrbGTrFDsqf9di9TnqZNJzrlG
xm5bPStCupxsSU4ErDm/va07u7z614hiiVRJJWQPK8CFC1/sag5U4JoeOmDrBQ58
PEmbP9exA37hXD7wqNila5ue1hx/WUAD3Dq5mPeXPLBArz9k/q7bIzessvq4LAMA
ZEjbcWsjwiQT8dX6JiE9yMm0fVbsSgFSHoa+V7kJt7ukepWRmAC3uhHrQY23mbkC
/g525M0LcnR59H49mHAqGjosi49KCEAHSu5tlzR9dfibKy/AgjkpqX/WVm1gxVI=
=nw8R
-----END PGP SIGNATURE-----
--- End Message ---
