Bug#987278: marked as done (CVE-2021-30498 CVE-2021-30499)

[Debian Bug Tracking System]

Your message dated Sat, 28 May 2022 20:39:54 +0000
with message-id <e1nv3e2-000iae...@fasolo.debian.org>
and subject line Bug#987278: fixed in libcaca 0.99.beta19-3
has caused the Debian Bug report #987278,
regarding CVE-2021-30498 CVE-2021-30499
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
987278: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987278
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Source: libcaca
Severity: important
Tags: security
X-Debbugs-Cc: Debian Security Team <t...@security.debian.org>

CVE-2021-30499:
https://github.com/cacalabs/libcaca/issues/54

CVE-2021-30498:
https://github.com/cacalabs/libcaca/issues/53

Cheers,
        Moritz  
        

--- End Message ---

--- Begin Message ---

Source: libcaca
Source-Version: 0.99.beta19-3
Done: Fabio Fantoni <fantonifa...@tiscali.it>

We believe that the bug you reported is fixed in the latest version of
libcaca, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 987...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Fabio Fantoni <fantonifa...@tiscali.it> (supplier of updated libcaca package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 28 May 2022 17:41:16 +0200
Source: libcaca
Architecture: source
Version: 0.99.beta19-3
Distribution: unstable
Urgency: medium
Maintainer: Debian QA Group <packa...@qa.debian.org>
Changed-By: Fabio Fantoni <fantonifa...@tiscali.it>
Closes: 987278
Changes:
 libcaca (0.99.beta19-3) unstable; urgency=medium
 .
   * QA upload.
   * Change Vcs-* fields for git repo on salsa.
   * Add upstream metadata
   * Add debian/watch
   * Add debian/gbp.conf
   * Merge from ubuntu:
     - SECURITY UPDATE: Heap buffer overflow
     debian/patches/CVE-2021-30498-and-30499.patch: fix buffer overflows
     in TGA and troff exports in caca/codec/export.c. (Closes: #987278)
     CVE-2021-30498 CVE-2021-30499
Checksums-Sha1:
 2fdfabd62d0ad9293047757dcf982de3eb764178 2187 libcaca_0.99.beta19-3.dsc
 76b1c5006c6f101717f971add4d51e6c16d0fb38 16424 
libcaca_0.99.beta19-3.debian.tar.xz
 e3e7298f3ce900751e6776b22c7cad17ea1fc236 11644 
libcaca_0.99.beta19-3_source.buildinfo
Checksums-Sha256:
 52c77188c78ce657f0ccf660e0b90fe12ad1ff9c8b32af079a5cd16afcbf10ef 2187 
libcaca_0.99.beta19-3.dsc
 f2c1e6012afa8263d47d7d81d98fbbc5cd02e1663b4a1bafca38a976f526f2e7 16424 
libcaca_0.99.beta19-3.debian.tar.xz
 f6bfd31200b3b4f704e45861c191321069cf1290bdd766e14db8ab04f83c0ff7 11644 
libcaca_0.99.beta19-3_source.buildinfo
Files:
 90ae1c4e9183967078d30727add2a81c 2187 libs optional libcaca_0.99.beta19-3.dsc
 8e88f9bdce06b092d1d7ff04d82e255c 16424 libs optional 
libcaca_0.99.beta19-3.debian.tar.xz
 04ae43826fb9d0a676d4da016a650894 11644 libs optional 
libcaca_0.99.beta19-3_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEkjZVexcMh/iCHArDweDZLphvfH4FAmKSfu4ACgkQweDZLphv
fH77VxAA59/OKvv0bPAe6H57nTT4WS7ZqESIzHBuRawpcKIFPEm5WthVpzL2j1l0
YaqyXKDsL0Nh+1eGW47yd6x6MvOBFzQ5bKgA0523/3s8LdfNgqbobLF1JFNf2esP
kAa3TIUSs8c2+cZBMM1LuJr3oEgKhszpNlFAkGyakBcLHLEhEDwNI2FBKyDPFL+O
K1HlS5nhr02IwoFEW5NSgNvgkgY9DsZbk8lqvSO5HRe2ym50+k5/rdsfb4zEtGs8
2gspshelmmdVtvVZrVmavgd9g+eZZv0wnrmWTKUPXCOS+akzPRig3evI5/uM4vZc
MHjh920Bvw2acbhzNXfj7kZJ1DGb2yT/p5G5gMhatC5ASkrpk/bqdenqprzb2zFC
UNPmKWqUFDDR+hgGHZnJD1XvS6LsplUgZLJjXb+jlfL1GdqP3lJ/L16YRPbOnGEi
19BqfAziBZ5h8YioypPU3y6xGAM7BLG6AOAfuYLl+Vq8h6Pv32GLsQ7IFc4A3LSO
LgVKq76XihxJY8C603DZAo9IW7vH+b8AmJCho4mb8j7UbpPF9R6hCxtqcle//FKA
ykRWfNUA/3K5pDX3Bnb/KX5kco12rha2j/QF6B+gpIzg7t6U9QaI3lDa/ri4zmKW
/oLkTmxQsHORxd8ys6ZHJIOqLPwZICaW2gjdlp0kUX75tVPfSwg=
=SgNs
-----END PGP SIGNATURE-----

--- End Message ---