Bug#984446: marked as done (CVE-2021-3420)

Debian Bug Tracking System Wed, 06 Mar 2024 15:27:25 -0800

Your message dated Wed, 06 Mar 2024 23:24:02 +0000
with message-id <[email protected]>
and subject line Bug#984446: fixed in newlib 4.4.0.20231231-1
has caused the Debian Bug report #984446,
regarding CVE-2021-3420
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
984446: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984446
Debian Bug Tracking System
Contact [email protected] with problems

--- Begin Message ---

Source: newlib
Severity: important
Tags: security
X-Debbugs-Cc: Debian Security Team <[email protected]>

This was assigned CVE-2021-3420 and also affects src:newlib:
https://sourceware.org/git/?p=newlib-cygwin.git;a=commit;h=aa106b29a6a8a1b0df9e334704292cbc32f2d44e

Cheers,
        Moritz

--- End Message ---

--- Begin Message ---

Source: newlib
Source-Version: 4.4.0.20231231-1
Done: Petter Reinholdtsen <[email protected]>

We believe that the bug you reported is fixed in the latest version of
newlib, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Petter Reinholdtsen <[email protected]> (supplier of updated newlib package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 06 Mar 2024 23:54:56 +0100
Source: newlib
Architecture: source
Version: 4.4.0.20231231-1
Distribution: experimental
Urgency: medium
Maintainer: Debian QA Group <[email protected]>
Changed-By: Petter Reinholdtsen <[email protected]>
Closes: 984446 1037427 1064733
Changes:
 newlib (4.4.0.20231231-1) experimental; urgency=medium
 .
   * QA upload.
   * Orphan package with approval from the current maintainer.
 .
   [ Vagrant Cascadian ]
   * debian/rules: Pass arguments to tar for consistency (Closes: #1037427)
 .
   [ Petter Reinholdtsen ]
   * New upstream version 4.4.0.20231231
    - Fixes CVE-2021-3420 (Closes: #984446).
    - Fixes build problem (Closes: #1064733).
   * Switched from debhelper compat level 9 to 10 to avoid deprication warning.
   * Updated to Standards-Version 4.6.2.
   * Added some metadata to d/patches/ files.
Checksums-Sha1:
 cb9a2ad9659ce89c77eceb8aa909516fad8dce89 2275 newlib_4.4.0.20231231-1.dsc
 6d2601df134005f2c8cd20b7f684f74fe317e96b 9022406 
newlib_4.4.0.20231231.orig.tar.gz
 89868afb4aa689ddc254ebc9a337ff374fec096c 13736 
newlib_4.4.0.20231231-1.debian.tar.xz
 12ee725c2204363a0e40d59756de38ecf973ab5e 6970 
newlib_4.4.0.20231231-1_source.buildinfo
Checksums-Sha256:
 52a1e33c871fb50c9d875868f2c83f3e23904d42b21b7919ccd91fb29dc7ffb5 2275 
newlib_4.4.0.20231231-1.dsc
 0c166a39e1bf0951dfafcd68949fe0e4b6d3658081d6282f39aeefc6310f2f13 9022406 
newlib_4.4.0.20231231.orig.tar.gz
 0caa8508d4385b9d766be07f4a97cf1c9c94ccd4f46297a08e716b991544aa8b 13736 
newlib_4.4.0.20231231-1.debian.tar.xz
 531252804ddd4a743d9b53f71116e59b76bd58b2c5af8076c8955e7cbdfc13c6 6970 
newlib_4.4.0.20231231-1_source.buildinfo
Files:
 25a700c18a92245dc65c3665988ed255 2275 devel optional 
newlib_4.4.0.20231231-1.dsc
 b8ecda015f2ded3f0f5e9258951f767e 9022406 devel optional 
newlib_4.4.0.20231231.orig.tar.gz
 1ff87017afd4fde420db521066fd7322 13736 devel optional 
newlib_4.4.0.20231231-1.debian.tar.xz
 9dd8d04e048cf1142ac4824a02efb908 6970 devel optional 
newlib_4.4.0.20231231-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEERqLf4owIeylOb9kkgSgKoIe6+w4FAmXo9MoACgkQgSgKoIe6
+w4p4g//aMhzrcmfMMsY1YgH3iEa2is5Jcu884IBjm32H7tVUTjSQCii7tZAvkPv
dHUr4/aQRWy70/SEaLTXT1Mq6FsF1Qru+eOE3qpynyxwHXyuyWJf90zAzY+Lm7B1
IWNkNCrcLu4Nc3tnt+s0ptgtOaUv+KZ0wjSqRLgMeeXsJFU0wtNePiTNeakl9FEZ
u+TbQFosF9RsQkSS4vOB9JCEWI7zKsJOyNt09aY6kFfoMJTKHJ9P+PLzG7R4wVp6
9RfibvOZR7Yk6ybRSeBw5K89pJVhyYnmBOS/TD5wKgDe0ZLmH5l4nUibna0wVcD0
GvWjZOxuZWeygdi4+9g8U3tc7aj85peWVntgXd9tvcyt3HovZGsVGJ3IQ7va4psu
7qqQTgukUEWKPFKk7nEs2BNQ8g6pTGC8pY+MSmZ+hbRprEVo8UDtOJkMw/J2bF/R
TGuOU98MlaZmdl/jU2itecFYn7Ai6Y0owY370j9W+1zstQ+3eeK0lsp1OQsxKcmu
jOiadBXupCwFa1XeuQl1cHChO5h4D9/iKcxhD7r7WzUBHX4y53wN0zdVkQH3kd67
jQAFOXPZ0Mx8Ty0ouSJP5qxlYBMKH+biO7ccx4G/COkHfNrdjhcvHk0iZS9b71LV
1N6RPRVvJYZ0gGpRO+6RniyRuswlW2tE2OizvhZ4abTjpb+q8B0=
=m/Qt
-----END PGP SIGNATURE-----

pgpK8KSNZzEb8.pgp
Description: PGP signature

--- End Message ---

Bug#984446: marked as done (CVE-2021-3420)

Reply via email to