Your message dated Sun, 26 Jan 2025 16:09:27 -0800 with message-id <20250126160927.04cd6bb4@tigre> and subject line Re: Bug#891638: libcdio: CVE-2017-18201: double free inget_cdtext_generic() in lib/driver/_cdio_generic.c. has caused the Debian Bug report #891638, regarding libcdio: CVE-2017-18201: double free inget_cdtext_generic() in lib/driver/_cdio_generic.c. to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 891638: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891638 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Source: libcdio Version: 1.0.0-1 Severity: important Tags: security upstream Control: fixed -1 2.0.0-1 Hi, the following vulnerability was published for libcdio. CVE-2017-18201[0]: | An issue was discovered in GNU libcdio before 2.0.0. There is a double | free in get_cdtext_generic() in lib/driver/_cdio_generic.c. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2017-18201 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18201 Please adjust the affected versions in the BTS as needed. Regards, Salvatore
--- End Message ---
--- Begin Message ---No longer affecting maintained distributions of Debian, since fixed upstream before version 2.0.0, and the following versions are used in Debian: o-o-stable: 2.0.0-2 oldstable: 2.1.0-2 stable: 2.1.0-4 testing: 2.1.0-5 unstable: 2.1.0-5 exp: 2.2.0-1~exp1
--- End Message ---
