Your message dated Sat, 12 Nov 2016 12:19:20 +0000
with message-id <[email protected]>
and subject line Bug#842090: fixed in libwmf 0.2.8.4-10.6
has caused the Debian Bug report #842090,
regarding libwmf: CVE-2016-9011
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
842090: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842090
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: libwmf
Version: 0.2.8.4-10.3
Severity: normal
Tags: security upstream
Hi,
the following vulnerability was published for libwmf. Opening the bug
to track the issue in the Debian BTS.
CVE-2016-9011[0]:
memory allocation failure in wmf_malloc (api.c)
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2016-9011
Note, no DSA is planned for jessie.
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: libwmf
Source-Version: 0.2.8.4-10.6
We believe that the bug you reported is fixed in the latest version of
libwmf, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Balint Reczey <[email protected]> (supplier of updated libwmf package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 31 Oct 2016 20:29:09 +0100
Source: libwmf
Binary: libwmf0.2-7 libwmf-bin libwmf-dev libwmf-doc
Architecture: source
Version: 0.2.8.4-10.6
Distribution: unstable
Urgency: medium
Maintainer: Loïc Minier <[email protected]>
Changed-By: Balint Reczey <[email protected]>
Description:
libwmf-bin - Windows metafile conversion tools
libwmf-dev - Windows metafile conversion development
libwmf-doc - Windows metafile documentation
libwmf0.2-7 - Windows metafile conversion library
Closes: 842090
Changes:
libwmf (0.2.8.4-10.6) unstable; urgency=medium
.
* Non-maintainer upload.
* Fix allocating huge block of memory (CVE-2016-9011) (Closes: #842090)
Checksums-Sha1:
b5dad256eec422a8e5416d7928cdc4bca4788280 2064 libwmf_0.2.8.4-10.6.dsc
e5135e232af780f2ed036e1e431516cec1c6b56f 11252
libwmf_0.2.8.4-10.6.debian.tar.xz
Checksums-Sha256:
860bbc5b3cd947b837961155b511e54e6fa75f935d0aed6872e5c9884b0c8aac 2064
libwmf_0.2.8.4-10.6.dsc
081524291f605a7cb3ef1fe519e7da77b3b7c13d925f4368edcc72cb2c6fa259 11252
libwmf_0.2.8.4-10.6.debian.tar.xz
Files:
86e92a2945ed5d8f5481ce03c0101616 2064 libs optional libwmf_0.2.8.4-10.6.dsc
900a01295cfb94813a37c701ab899121 11252 libs optional
libwmf_0.2.8.4-10.6.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBCAAGBQJYGc66AAoJEPZk0la0aRp9ghsQAMB8u8Kq/m3dMjK7P/dl2KX0
5XS2sJLdjel90PkVyVi5HrUTCecwv0wR9YSXZSrxY0WibjxzWuQoApn6XBR4t/HS
SN5sKVAUxt9hGMD6LjyOBaLl5eh91iNASOytXUPTv0furxJ9RSAelPbnnAYmxvIF
caCCVtK8ibwOkpaM3jyYnSZ50aVD3qLHwMFd4/4IVulL7mzyH0mW3ZK7Ifhof3I3
55WBdg4LQiqyyKDXN6+mmXbCGKvVwx2Y7XG38/O2ImUCX6FzPiCFWno18TiG0LA4
yBLkn6ld1zVr7AlbqDjyq/vOm38c88fQSv8EjrrYouuCpQqRiazTrVvI2djbZ/AY
ZlxDN4NKjJOjtlW1mIHUoktWrwVb9fj6p12mgxn55+jAquyAx9RREQg7n9TFvt2z
FY6l5HBPivGjDDrpu83SaztFFi6rdG0Un0QLJCuUUE1CnCSnRtfzmTjOes5L2eHk
A9hY2UfFl1XNZA7nPkgCVu4/84xiotqoWkaiDiqd3bUwajCQY1JLM9R9QQ5H8+YS
mjA9dCorjMeXdgTQp+0BNNgbRYOZcsj2m+8htC50lbxi5aklwTk4jdxf4rkqw7U8
w64OKWkMRixXkLEM6n0TciG14Csc3dy4wgl8KuiecZu43ZpojoX2qeS72pakEoDr
x6SZmAr+cTdVqwcFznrk
=TjA+
-----END PGP SIGNATURE-----
--- End Message ---
