Your message dated Tue, 05 Mar 2024 05:49:34 +0000
with message-id <[email protected]>
and subject line Bug#1065443: fixed in iwd 2.16-1
has caused the Debian Bug report #1065443,
regarding iwd: CVE-2024-28084
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1065443: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1065443
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: iwd
Version: 2.15-1
Severity: important
Tags: security upstream
X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>
Hi,
The following vulnerability was published for iwd.
CVE-2024-28084[0]:
| p2putil.c in iNet wireless daemon (IWD) through 2.15 allows
| attackers to cause a denial of service (daemon crash) or possibly
| have unspecified other impact because of initialization issues in
| situations where parsing of advertised service information fails.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2024-28084
https://www.cve.org/CVERecord?id=CVE-2024-28084
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: iwd
Source-Version: 2.16-1
Done: Jonas Smedegaard <[email protected]>
We believe that the bug you reported is fixed in the latest version of
iwd, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Jonas Smedegaard <[email protected]> (supplier of updated iwd package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 05 Mar 2024 06:28:42 +0100
Source: iwd
Architecture: source
Version: 2.16-1
Distribution: unstable
Urgency: high
Maintainer: Jonas Smedegaard <[email protected]>
Changed-By: Jonas Smedegaard <[email protected]>
Closes: 1065443
Changes:
iwd (2.16-1) unstable; urgency=high
.
[ upstream ]
* new release;
fixes CVE-2024-28084;
closes: bug#1065443, thanks to Salvatore Bonaccorso
.
[ Jonas Smedegaard ]
* set urgency=high due to security bugfix
Checksums-Sha1:
67cb5ea595752f48fa93569bd637507decfa7f70 1953 iwd_2.16-1.dsc
a91bb8880b980f7834928eaecd3a15dde346aebb 1083684 iwd_2.16.orig.tar.xz
4957ce21a21c2f0a42643254e4cdb427d4fef2c8 17648 iwd_2.16-1.debian.tar.xz
81ba15a750f7862c885764840584aef40a216229 7006 iwd_2.16-1_amd64.buildinfo
Checksums-Sha256:
09210c21a8633a344fe3b6be084645c8d665eef1d05e090a729b5c60ecf64125 1953
iwd_2.16-1.dsc
c1a82032e994861e794cf3b5a16d07ae1aa03a6674f716c73408ffeae2a233ba 1083684
iwd_2.16.orig.tar.xz
674234ab518587c852acc92115e1b406177515e5dfddc1d9cb374c4429553fee 17648
iwd_2.16-1.debian.tar.xz
a5f02ffec92c0a5d5663b92f27cf387ae3e5e8d76c29b59fe593ad7e0eb7b544 7006
iwd_2.16-1_amd64.buildinfo
Files:
0945f7d01fa5065b5fb4199efb6f5f91 1953 net optional iwd_2.16-1.dsc
cd00f677dd178d0a9d4f1ab697d2e2cc 1083684 net optional iwd_2.16.orig.tar.xz
47cabf7e42707fb1ffd906018d7e2009 17648 net optional iwd_2.16-1.debian.tar.xz
b99d1ad292acc809b2a5d7b866cbbf37 7006 net optional iwd_2.16-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEn+Ppw2aRpp/1PMaELHwxRsGgASEFAmXmrggACgkQLHwxRsGg
ASEfMBAAmDYhaV3/tfJR42KdBjNiCtLFz1Hz++okwYkKH7KG+PVlU2Ycj1U9Mu/8
FpslpKTUos5qSItI7/GlFA9HHMJG2YANLZK1GIh1UE5RaKZ6825K4+uX7xYY30/B
RkxqxLXNC7f9eY7c5OgIJL4cz/8mqFtQJLGOBzJkTfEClOyoPhsnWFRNApvsNYmb
Dctd1jwS6aPDukURwjPyb96kZRFa36Om76J8+OqYIJROlo5T6yMdscA/db5Jrm1s
1wZ6YnSqmMy46wk7cmDovFO/MPCCoShFX1D2eIcW0UGRxifdQKjl7GMZmX/6TfWx
eCbcYjqFak5tvURsqlKnVpXZFVSD/pKNLeyOeYhRGZHdWhTHDe+o1liiuGIsROmX
N77hBsk1gdOzEGgFS/NL47x3XSfjXm8OogIOeTU7C4+CZV1sEBaBzh5bhE785Lz0
WrtN6KJGO6w6EY4bCs6A+2Z0dKvCZpGVl5KrfiZzN3xC5jJFhJyUTOLax3sTfdQl
ygpysBjv15fJeEr8ZqgQQg7L5Qq25fzqbxQNvBlmY8Ye27EGjXf38gS5Dbvc7XDW
zIObi6flmASyXWFM9URYrT4VzFA8aY7jFkbwfP/lFsWd3Ur7ckk9xXEXDXb4Wc7f
6nUf0V+/6zMm5nHIfnv7+SCp/414+JWvsyN/nJOsiPlde84tfaI=
=uJq9
-----END PGP SIGNATURE-----
pgp4uuHnRkI_d.pgp
Description: PGP signature
--- End Message ---
