Your message dated Wed, 26 Apr 2023 01:34:01 +0000
with message-id <[email protected]>
and subject line Bug#801872: fixed in dc3dd 7.3.1-1
has caused the Debian Bug report #801872,
regarding dc3dd: buffer overflow
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
801872: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=801872
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Package: dc3dd
Version: 7.2.641-3
Severity: normal
Tags: security
Buffer overflow issue was announced in Bugtraq[1] with proof-of-concept:
dc3dd `perl -e 'print "A" x 90000'`
The tool is not supposed to be executed with this kind of input so this seems to
be minor issue. Please correct me if I am wrong. I am submitting this bug so
that we can track the issue and make changes if needed.
1: http://seclists.org/bugtraq/2015/Oct/71
- --
Henri Salo
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQIcBAEBAgAGBQJWH6r3AAoJECet96ROqnV0QcAQAK9EtS7IsUPly2CVVz2SeIo9
o/u88X5FAlwhS8WPe1ByWeIorO0hOzMfIY1kVZRV3bMBW79GLD1CFBZt8+/yn+0T
rbVu4sI3hOUnr5hRo+NINO8vUIsYSNoe380qeHvysSRO0NNxC+anOVK585sH3N6z
BuKkAuPR7VmBPjuHsTXMdy8meRSQVp45kcfPth7ROklQRLSlLKFk7qKWsVFVLjPS
a72u758tD1ZoqtFO2GlkywXWvJlhoBoHwUDyrTJ0wXy05QeYj/RVy18thehqV0lX
oUoSjh8fO+1vscaTMYHbKlt/fuB4mXOYuaox4QX03BJQmuEO028j/VYAqe7fvZKe
a7XWBK0D1TEZi2vHv9adOZRbVmJAS0oznW3Tjox1Zj42vvesUPXW7yP87BJPX0UV
r3HShG+P8iuwMUO+CSFu6Bs/qHsMxRPRicObdII9yRlNEyH+zrl0zwS9vi75FhSR
XYru9kB6whRmuEtdQ/zfZpj0kYn6kvzeGZFy0cq7XpHNn93wfNGLE8QENM96Mi4c
8MFos7uu3rQyXfzRd8Ch6jb93m+YflCFhNvKXZI5qsXKwr1kKIWNdoHmU/1nczT0
MdE9nKrHCNDFDZdGwU+KXYzXfBAmsJJt3MuwPsBtD3UkW5ijxNzy9Q3w1HT/tBoB
neNrPLKlCJxZenZkrV9I
=xQYd
-----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---
Source: dc3dd
Source-Version: 7.3.1-1
Done: Joao Eriberto Mota Filho <[email protected]>
We believe that the bug you reported is fixed in the latest version of
dc3dd, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Joao Eriberto Mota Filho <[email protected]> (supplier of updated dc3dd
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 25 Apr 2023 18:49:38 -0300
Source: dc3dd
Architecture: source
Version: 7.3.1-1
Distribution: experimental
Urgency: medium
Maintainer: Debian Security Tools <[email protected]>
Changed-By: Joao Eriberto Mota Filho <[email protected]>
Closes: 801872
Changes:
dc3dd (7.3.1-1) experimental; urgency=medium
.
* Team upload.
* New upstream version 7.3.1. (Closes: #801872)
* debian/patches/10_fix-spelling-error.patch: removed because the upstream
fixed the source code. Thanks.
* debian/tests/control: created a new test to check #801872.
Checksums-Sha1:
d8d74a50acc13179ec972034429b38907a2339fc 1901 dc3dd_7.3.1-1.dsc
78310dea6afed4635f9e29bb820dda5dd67a31ae 2218056 dc3dd_7.3.1.orig.tar.xz
dd1a13691e77cd13d0006ed1212f88a63aec9c97 12372 dc3dd_7.3.1-1.debian.tar.xz
4da68125d87b5390095ab09bbbbbd9adef473f3a 6026 dc3dd_7.3.1-1_source.buildinfo
Checksums-Sha256:
03b395de378b46e43ba6e828f0b14e2586b737b4b393b5f8d72f4e08fcee591d 1901
dc3dd_7.3.1-1.dsc
29d99e1ce198ca94ec0c714e4a0e86159222aae7b841db578c5cc55781e98cdd 2218056
dc3dd_7.3.1.orig.tar.xz
4e564e6d236e04c800563c158a19a7fb10e61013e8367a459fd70f3f47120bdd 12372
dc3dd_7.3.1-1.debian.tar.xz
93d027b0a4a0bb45697a44e97f248919606bd8911f1809aa1fb739bf27a7158b 6026
dc3dd_7.3.1-1_source.buildinfo
Files:
a4a529b722d9aec41fdd857fff0d97a1 1901 utils optional dc3dd_7.3.1-1.dsc
51eec9dfd469a1ec891de221818f9679 2218056 utils optional dc3dd_7.3.1.orig.tar.xz
802fd2d972aa12c28d8b2f4f2ac928dd 12372 utils optional
dc3dd_7.3.1-1.debian.tar.xz
cdbd418964375d5a0dcecc053fbd99a2 6026 utils optional
dc3dd_7.3.1-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEENX3LDuyVoBrrofDS3mO5xwTr6e8FAmRIdwUACgkQ3mO5xwTr
6e+6+g/+O7VEQnbQakjZ/XqqA5CgRSx+fCBJdUzcP23KvXNuAZc098594ti1W7ue
lJnhPDdOXj0y67a8AQmUlgKKykmX4uU3/ATfQ3g/PcgAGgeta9mlpse11lp80075
eKMpugGgP5L0KfpWbEhcBvJeE7FGn0LgIlxm1ejezbzMtSlIVctiyJqbfDOJdHcC
bLZZ4zIeZUFadWt4cycaDG/42f5iiaQ9FVamHlkKE1zQXMpsmzioFShnef8PW78y
d3f/3bbR0eJFF5UhDMovZPLRDt4Gdpepcjcv3syWC3OFv9CtutlPdB/FXbQODZI4
z5LdYafViRaDRog1hm5o109BmXL6ZX6IjZJGe68UbjAw+do6PJloEr11AE4GIUEk
IuRp1SWeQC7hii3tK3ejHfUu1f2kPtpSTwaKnVK5r18mGVQf4lIDf1vgLB0mEiy9
H3tlqKz6HVBR5WvfVLQegCjRtaLRiLZVoVKpyQZuw9vwJHu3IGTwLNK67dg2u7Ax
sZcmyXi9tCogt5lLfOOhSv/Xh31lGwHT1Mm5oz1s0mj9POlK8y+Wh1qUFwqtd2Fw
RxS63oy+J8HJikIgh43emafPRV84Pm9oOGuHJb2Nf6DvgCy6xZVZMOvasD93BabF
kQBsMFc4MINHfiRi4+29uNJQ/Tb+Etx5V9cT8nCb9x+zUiYUYco=
=6CZb
-----END PGP SIGNATURE-----
--- End Message ---
