Your message dated Mon, 07 Jun 2021 14:19:45 +0000
with message-id <[email protected]>
and subject line Bug#989437: fixed in htmldoc 1.9.11-4
has caused the Debian Bug report #989437,
regarding CVE-2021-23165 CVE-2021-26948 CVE-2021-26259 CVE-2021-26252
CVE-2021-23206 CVE-2021-23191 CVE-2021-23180 CVE-2021-23158
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
989437: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989437
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: htmldoc
Severity: important
Tags: security
X-Debbugs-Cc: Debian Security Team <[email protected]>
CVE-2021-26948:
https://github.com/michaelrsweet/htmldoc/issues/410
https://github.com/michaelrsweet/htmldoc/commit/008861d8339c6ec777e487770b70b95b1ed0c1d2
CVE-2021-26259;
https://github.com/michaelrsweet/htmldoc/issues/417
https://github.com/michaelrsweet/htmldoc/commit/0ddab26a542c74770317b622e985c52430092ba5
CVE-2021-26252:
https://github.com/michaelrsweet/htmldoc/issues/412
https://github.com/michaelrsweet/htmldoc/commit/369b2ea1fd0d0537ba707f20a2f047b6afd2fbdc
CVE-2021-23206:
https://github.com/michaelrsweet/htmldoc/issues/416
https://github.com/michaelrsweet/htmldoc/commit/ba61a3ece382389ae4482c7027af8b32e8ab4cc8
CVE-2021-23191:
https://github.com/michaelrsweet/htmldoc/issues/415
https://github.com/michaelrsweet/htmldoc/commit/369b2ea1fd0d0537ba707f20a2f047b6afd2fbdc
CVE-2021-23180:
https://github.com/michaelrsweet/htmldoc/issues/418
https://github.com/michaelrsweet/htmldoc/commit/19c582fb32eac74b57e155cffbb529377a9e751a
CVE-2021-23165
https://github.com/michaelrsweet/htmldoc/issues/413
https://github.com/michaelrsweet/htmldoc/commit/369b2ea1fd0d0537ba707f20a2f047b6afd2fbdc
CVE-2021-23158
https://github.com/michaelrsweet/htmldoc/issues/414
https://github.com/michaelrsweet/htmldoc/commit/369b2ea1fd0d0537ba707f20a2f047b6afd2fbdc
Crash in CLI tool, no security impact
Cheers,
Moritz
--- End Message ---
--- Begin Message ---
Source: htmldoc
Source-Version: 1.9.11-4
Done: Håvard Flaget Aasen <[email protected]>
We believe that the bug you reported is fixed in the latest version of
htmldoc, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Håvard Flaget Aasen <[email protected]> (supplier of updated htmldoc
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 03 Jun 2021 21:29:16 +0200
Source: htmldoc
Architecture: source
Version: 1.9.11-4
Distribution: unstable
Urgency: medium
Maintainer: Håvard Flaget Aasen <[email protected]>
Changed-By: Håvard Flaget Aasen <[email protected]>
Closes: 989437
Changes:
htmldoc (1.9.11-4) unstable; urgency=medium
.
* Add patches to fix many CVE's. Closes: #989437
Fix: CVE-2021-23158, CVE-2021-23165, CVE-2021-23180, CVE-2021-23191,
CVE-2021-23206, CVE-2021-26252, CVE-2021-26259, CVE-2021-26948.
* Switch to DEP-14 layout
Checksums-Sha1:
c5b2055c42b760262cdcb82050c8f52d60048252 2128 htmldoc_1.9.11-4.dsc
eca0b7c139d488f22dd2c1b05671b857c280a781 19668 htmldoc_1.9.11-4.debian.tar.xz
109f0bff8d60714334f5d454323980fb47054c30 8316 htmldoc_1.9.11-4_amd64.buildinfo
Checksums-Sha256:
99043e1f21c6e952f0c095b4e6bf65a1251af9bdc3b68fbdb6daa16cb47874c7 2128
htmldoc_1.9.11-4.dsc
d606cc290677da4f5acd3be5ccbeaddd0fb49a7173fd82208266af68a7ea43c7 19668
htmldoc_1.9.11-4.debian.tar.xz
6969562ac605d2a34a13f0e44a72aaa011080940ef85b09e8ec256060942d350 8316
htmldoc_1.9.11-4_amd64.buildinfo
Files:
51b1bd0b8cb1c241d959b6eaa38c53fe 2128 web optional htmldoc_1.9.11-4.dsc
c9c244e07925d62a115a367d1ea09eb7 19668 web optional
htmldoc_1.9.11-4.debian.tar.xz
a70ae81101f7bc68af4f41303c795b90 8316 web optional
htmldoc_1.9.11-4_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEf3HB6ceOc10DYMbM8WfkPIFDtoIFAmC+Ip8ACgkQ8WfkPIFD
toLm0A/+LJtPxONj7zI8QZuQP5WjSWZ2XpOzjg0Ajh8Y08PlRn1jx6gEfLuxVOAy
Q8OSj+MIFQNVO7QA4pBCzt7n9E2I3wGjYOotDD9EPyTDFoY9BzROgQQFQIsnigBm
dmaeu8Hr8sCNgyfIJBTm8mXlzxfkkiUJBSxR7lABDwjJrLWM3Ke+IMDyFkkdderO
pM5kSHFUsf0VOCs+H2wJPfKLBQdXKdAjGWDZPAZxNPxmagYOxiA9MEqcAGCkbjtV
FAYbGjmJQV31ceIiWHSFY8B+emO9luoXdkB+a7cerxJ0jvTAcjdSnRysajkoIP3r
+1hyvnFzJHGzGgJKu3kYPfUf5Ss9/J3RQ/qZ4pRnday2hDk3L8hkWoxYMiB4eT5L
Xkxcgy3LYAlc/Fuq3hPCorOZqt4HVlIj15LeOgfjBIDMp7qVbqyDkkBFheZqlaI2
Wgh/bc+K/RtZdOHOtxI/+nqi+7GLxs8XzaRkk6HF6XPvxI7aPivZgaw5ocRNs9XP
5bT2n60eNuQSbmUIFInH+j5U1aGuryTNLgONeyOHxkm5qZMRzEX1ruMw9M1X90jt
LIFtPiEhtIr8HSA1eVvhzHO1ltRwlq+PdfaiwTs5Q/maB5wgPyVyjWKFhP+ITWD3
Wkut5OG5hiqgnyJLzOT9VNvO8hoGlJlYAr+yd0HKiVwR6lNiYrY=
=78/f
-----END PGP SIGNATURE-----
--- End Message ---
