Your message dated Mon, 02 Dec 2024 10:50:31 +0000
with message-id <[email protected]>
and subject line Bug#1088693: fixed in radare2 5.9.8+dfsg-1
has caused the Debian Bug report #1088693,
regarding radare2: CVE-2024-48241
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
1088693: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088693
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: radare2
X-Debbugs-CC: [email protected]
Severity: important
Tags: security

Hi,

The following vulnerability was published for radare2.

CVE-2024-48241[0]:
| An issue in radare2 v5.8.0 through v5.9.4 allows a local attacker to
| cause a denial of service via the __bf_div function.

https://github.com/radareorg/radare2/issues/23317
https://github.com/radareorg/radare2/pull/23318

Fixed by: 
https://github.com/radareorg/radare2/commit/b2a467cd13c561042554901313ebdcb749eb0de7
 (5.9.6)


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2024-48241
    https://www.cve.org/CVERecord?id=CVE-2024-48241

Please adjust the affected versions in the BTS as needed.

--- End Message ---
--- Begin Message ---
Source: radare2
Source-Version: 5.9.8+dfsg-1
Done: Alex Myczko <[email protected]>

We believe that the bug you reported is fixed in the latest version of
radare2, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Alex Myczko <[email protected]> (supplier of updated radare2 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Mon, 02 Dec 2024 10:00:13 +0000
Source: radare2
Architecture: source
Version: 5.9.8+dfsg-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Security Tools <[email protected]>
Changed-By: Alex Myczko <[email protected]>
Closes: 1088693
Changes:
 radare2 (5.9.8+dfsg-1) unstable; urgency=medium
 .
   * New upstream version. (Closes: #1088693) (CVE-2024-48241)
Checksums-Sha1:
 2d98401ae6bca96df9aea55973c93cc265f976d5 2383 radare2_5.9.8+dfsg-1.dsc
 f46f8d2a5b61793829f27ab714d8b585aba8e43c 7544000 radare2_5.9.8+dfsg.orig.tar.xz
 9e6572fb329167802ce3d50cb0acfda7e0ed5722 17300 
radare2_5.9.8+dfsg-1.debian.tar.xz
 30b9863ab6fac90e7cad7fd86198e6a48f521b8e 9545 
radare2_5.9.8+dfsg-1_source.buildinfo
Checksums-Sha256:
 2e8f7a9dfac86c499f03ea3dbbd6814f1fea0bae1795538bade04f0d89c3643b 2383 
radare2_5.9.8+dfsg-1.dsc
 51cca443de9dfc5b1cdc14b9e1c889fee16facd31180ade35346d2af7c80ff5a 7544000 
radare2_5.9.8+dfsg.orig.tar.xz
 59f73cfbdefb9d09222fa7e55e57455a4af215007b4712d5699c3d1c8cffc08d 17300 
radare2_5.9.8+dfsg-1.debian.tar.xz
 6decc4713233557ff9afa0570300178f1e1bac1ab4d7061edcd34082d7278631 9545 
radare2_5.9.8+dfsg-1_source.buildinfo
Files:
 31fb23a878113330fa641cd417d52ec2 2383 devel optional radare2_5.9.8+dfsg-1.dsc
 a444424cd751ce7cd5d3fca254da064c 7544000 devel optional 
radare2_5.9.8+dfsg.orig.tar.xz
 47f6a15fca12276151dcdf5b485028c2 17300 devel optional 
radare2_5.9.8+dfsg-1.debian.tar.xz
 ebb4c0d863de6512527f04fe7b6c46ad 9545 devel optional 
radare2_5.9.8+dfsg-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEtgob82PcExn/Co6JEWhSvN91FcAFAmdNi/wACgkQEWhSvN91
FcB1jA//QypTXpGOZdataplOnhYNOIWPSul8CgykMR24tkPpECBiM8lKVEAaAHIW
QXehmhePMCw89nCSX0XYh1+6hT3HUhc9Ugbb3VJsqNih+uWSqbAySvgWLQVTCI25
FvVzDJF0HmDKh+lVt0iY4N0nAE4nNqnkbdMHzXjLRidVkuHuu/bbu7B1ET9oRv/o
wStOqTmCWHwow1Hl9hIDG5L8KTi9+tL1UtYYZNYkqa1tOb2iW85pxPqiftxBhbz3
5WBnMu/77+pS2+JLSN6uKH29aRmKOpbtxsNChwRsVgzU/A6bDsjs2LAJTqQPWAH3
FHijceUDYz1Csft6vlu//bSYrRCIjjepZdqbyuaj7rHjrekD/57593OOHPohVYmQ
p80J5h3Y9e2TSg0BF/Vj69yOmzn8tJxV9wzrdJQV3of56nPoFxRsqc4JRSc+T5BJ
uHhu2z//QjE/2iR4NfOlDlDWuJgyXBHrJsM3l5QWn1oB90iZFg42gyxwdhSSF4s3
QETnE6P/ji4V5QH0HF+q0RSx/4O/q79RVK+pVFcgp0yEiS0tOYiudBKcN0fCMFlV
Yz27kgNqfVG6cAb6hEMVAcvkMlDlOIzl7OvEY49Fo1I5gTaXnA/dmoDGNdMrYrAA
sSLl9XMvn5ZeI8WJk1bQ8RqXO/KBWdFs/6udtPC4cPOOexkIMYQ=
=9Wbf
-----END PGP SIGNATURE-----

Attachment: pgpWssgMcH0RA.pgp
Description: PGP signature


--- End Message ---

Reply via email to