Your message dated Wed, 22 Aug 2007 07:57:14 +0000 with message-id <[EMAIL PROTECTED]> and subject line Bug#429726: fixed in vlc 0.8.1.svn20050314-1sarge3 has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database)
--- Begin Message ---Package: vlc Version: 0.8.6.a.debian-6 Severity: grave Tags: security, fixed-upstream Justification: user security hole VLC versions in old-stable, stable and unstable are affectd by multiple remotely triggerable format string vulnerabilities, addressed in upstream release 0.8.6c. http://www.videolan.org/sa0702.html Sorry for the inconvenience, -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.21-1-686 (SMP w/1 CPU core) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages vlc depends on: ii libaa1 1.4p5-32 ascii art library ii libatk1.0-0 1.18.0-2 The ATK accessibility toolkit ii libc6 2.5-11 GNU C Library: Shared libraries ii libcaca0 0.99.beta11.debian-3 colour ASCII art library ii libcairo2 1.4.6-1.1 The Cairo 2D vector graphics libra ii libcdio6 0.76-1 library to read and control CD-ROM ii libcucul0 0.99.beta11.debian-3 low-level Unicode character drawin ii libdbus-1-3 1.1.0-1 simple interprocess messaging syst ii libdbus-glib-1-2 0.73-2 simple interprocess messaging syst ii libfontconfig1 2.4.2-1.2 generic font configuration library ii libfreetype6 2.2.1-6 FreeType 2 font engine, shared lib ii libfribidi0 0.10.7-4 Free Implementation of the Unicode ii libgcc1 1:4.2-20070609-1 GCC support library ii libgl1-mesa-glx [li 6.5.2-5 A free implementation of the OpenG ii libglib2.0-0 2.12.12-1 The GLib library of C routines ii libglu1-mesa [libgl 6.5.2-5 The OpenGL utility library (GLU) ii libgtk2.0-0 2.10.13-1 The GTK+ graphical user interface ii libice6 1:1.0.3-2 X11 Inter-Client Exchange library ii libiso9660-4 0.76-1 library to work with ISO9660 files ii libjpeg62 6b-13 The Independent JPEG Group's JPEG ii libnotify1 0.4.4-3 sends desktop notifications to a n ii libpango1.0-0 1.16.4-1 Layout and rendering of internatio ii libpng12-0 1.2.15~beta5-2 PNG library - runtime ii libsdl-image1.2 1.2.5-3 image loading library for Simple D ii libsdl1.2debian 1.2.11-9 Simple DirectMedia Layer ii libsm6 2:1.0.3-1 X11 Session Management library ii libstdc++6 4.2-20070609-1 The GNU Standard C++ Library v3 ii libtar 1.2.11-4 C library for manipulating tar arc ii libtiff4 3.8.2-7 Tag Image File Format (TIFF) libra ii libvcdinfo0 0.7.23-3 library to extract information fro ii libvlc0 0.8.6.a.debian-6 multimedia player and streamer lib ii libwxbase2.6-0 2.6.3.2.1.5 wxBase library (runtime) - non-GUI ii libwxgtk2.6-0 2.6.3.2.1.5 wxWidgets Cross-platform C++ GUI t ii libx11-6 2:1.0.3-7 X11 client-side library ii libxcursor1 1:1.1.8-2 X cursor management library ii libxext6 1:1.0.3-2 X11 miscellaneous extension librar ii libxfixes3 1:4.0.3-2 X11 miscellaneous 'fixes' extensio ii libxi6 1:1.0.1-4 X11 Input extension library ii libxinerama1 1:1.0.2-1 X11 Xinerama extension library ii libxosd2 2.2.14-1.3 X On-Screen Display library - runt ii libxrandr2 2:1.2.1-1 X11 RandR extension library ii libxrender1 1:0.9.2-1 X Rendering Extension client libra ii libxv1 1:1.0.3-1 X11 Video extension library ii libxxf86vm1 1:1.0.1-2 X11 XFree86 video mode extension l ii ttf-dejavu 2.17-2 Vera font family derivate with add ii vlc-nox 0.8.6.a.debian-6 multimedia player and streamer (wi ii zlib1g 1:1.2.3-15 compression library - runtime Versions of packages vlc recommends: pn videolan-doc <none> (no description available) -- no debconf information -- RĂ©mi Denis-Courmont http://www.remlab.net/signature.asc
Description: This is a digitally signed message part.
--- End Message ---
--- Begin Message ---Source: vlc Source-Version: 0.8.1.svn20050314-1sarge3 We believe that the bug you reported is fixed in the latest version of vlc, which is due to be installed in the Debian FTP archive: gnome-vlc_0.8.1.svn20050314-1sarge3_i386.deb to pool/main/v/vlc/gnome-vlc_0.8.1.svn20050314-1sarge3_i386.deb gvlc_0.8.1.svn20050314-1sarge3_i386.deb to pool/main/v/vlc/gvlc_0.8.1.svn20050314-1sarge3_i386.deb kvlc_0.8.1.svn20050314-1sarge3_i386.deb to pool/main/v/vlc/kvlc_0.8.1.svn20050314-1sarge3_i386.deb libvlc0-dev_0.8.1.svn20050314-1sarge3_i386.deb to pool/main/v/vlc/libvlc0-dev_0.8.1.svn20050314-1sarge3_i386.deb mozilla-plugin-vlc_0.8.1.svn20050314-1sarge3_i386.deb to pool/main/v/vlc/mozilla-plugin-vlc_0.8.1.svn20050314-1sarge3_i386.deb qvlc_0.8.1.svn20050314-1sarge3_i386.deb to pool/main/v/vlc/qvlc_0.8.1.svn20050314-1sarge3_i386.deb vlc-alsa_0.8.1.svn20050314-1sarge3_i386.deb to pool/main/v/vlc/vlc-alsa_0.8.1.svn20050314-1sarge3_i386.deb vlc-esd_0.8.1.svn20050314-1sarge3_i386.deb to pool/main/v/vlc/vlc-esd_0.8.1.svn20050314-1sarge3_i386.deb vlc-ggi_0.8.1.svn20050314-1sarge3_i386.deb to pool/main/v/vlc/vlc-ggi_0.8.1.svn20050314-1sarge3_i386.deb vlc-glide_0.8.1.svn20050314-1sarge3_i386.deb to pool/main/v/vlc/vlc-glide_0.8.1.svn20050314-1sarge3_i386.deb vlc-gnome_0.8.1.svn20050314-1sarge3_i386.deb to pool/main/v/vlc/vlc-gnome_0.8.1.svn20050314-1sarge3_i386.deb vlc-gtk_0.8.1.svn20050314-1sarge3_i386.deb to pool/main/v/vlc/vlc-gtk_0.8.1.svn20050314-1sarge3_i386.deb vlc-plugin-alsa_0.8.1.svn20050314-1sarge3_i386.deb to pool/main/v/vlc/vlc-plugin-alsa_0.8.1.svn20050314-1sarge3_i386.deb vlc-plugin-arts_0.8.1.svn20050314-1sarge3_i386.deb to pool/main/v/vlc/vlc-plugin-arts_0.8.1.svn20050314-1sarge3_i386.deb vlc-plugin-esd_0.8.1.svn20050314-1sarge3_i386.deb to pool/main/v/vlc/vlc-plugin-esd_0.8.1.svn20050314-1sarge3_i386.deb vlc-plugin-ggi_0.8.1.svn20050314-1sarge3_i386.deb to pool/main/v/vlc/vlc-plugin-ggi_0.8.1.svn20050314-1sarge3_i386.deb vlc-plugin-glide_0.8.1.svn20050314-1sarge3_i386.deb to pool/main/v/vlc/vlc-plugin-glide_0.8.1.svn20050314-1sarge3_i386.deb vlc-plugin-sdl_0.8.1.svn20050314-1sarge3_i386.deb to pool/main/v/vlc/vlc-plugin-sdl_0.8.1.svn20050314-1sarge3_i386.deb vlc-plugin-svgalib_0.8.1.svn20050314-1sarge3_i386.deb to pool/main/v/vlc/vlc-plugin-svgalib_0.8.1.svn20050314-1sarge3_i386.deb vlc-qt_0.8.1.svn20050314-1sarge3_i386.deb to pool/main/v/vlc/vlc-qt_0.8.1.svn20050314-1sarge3_i386.deb vlc-sdl_0.8.1.svn20050314-1sarge3_i386.deb to pool/main/v/vlc/vlc-sdl_0.8.1.svn20050314-1sarge3_i386.deb vlc_0.8.1.svn20050314-1sarge3.diff.gz to pool/main/v/vlc/vlc_0.8.1.svn20050314-1sarge3.diff.gz vlc_0.8.1.svn20050314-1sarge3.dsc to pool/main/v/vlc/vlc_0.8.1.svn20050314-1sarge3.dsc vlc_0.8.1.svn20050314-1sarge3_i386.deb to pool/main/v/vlc/vlc_0.8.1.svn20050314-1sarge3_i386.deb wxvlc_0.8.1.svn20050314-1sarge3_i386.deb to pool/main/v/vlc/wxvlc_0.8.1.svn20050314-1sarge3_i386.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Sam Hocevar (Debian packages) <[EMAIL PROTECTED]> (supplier of updated vlc package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Wed, 20 Jun 2007 22:08:33 +0000 Source: vlc Binary: vlc-esd wxvlc vlc-plugin-sdl kvlc gvlc vlc-plugin-alsa gnome-vlc vlc-qt vlc-ggi mozilla-plugin-vlc vlc vlc-gnome vlc-gtk vlc-sdl vlc-alsa vlc-plugin-svgalib vlc-glide vlc-plugin-ggi qvlc vlc-plugin-esd vlc-plugin-glide vlc-plugin-arts libvlc0-dev Architecture: source i386 Version: 0.8.1.svn20050314-1sarge3 Distribution: oldstable-security Urgency: high Maintainer: Sam Hocevar (Debian packages) <[EMAIL PROTECTED]> Changed-By: Sam Hocevar (Debian packages) <[EMAIL PROTECTED]> Description: gnome-vlc - GNOME frontend for VLC (dummy legacy package) gvlc - GTK+ frontend for VLC (dummy legacy package) kvlc - KDE frontend for VLC (dummy legacy package) libvlc0-dev - development files for VLC mozilla-plugin-vlc - multimedia plugin for Mozilla based on VLC qvlc - Qt frontend for VLC (dummy legacy package) vlc - multimedia player for all audio and video formats vlc-alsa - ALSA audio output plugin for VLC (dummy legacy package) vlc-esd - Esound audio output plugin for VLC (dummy legacy package) vlc-ggi - GGI video output plugin for VLC (dummy legacy package) vlc-glide - Glide video output plugin for VLC (dummy legacy package) vlc-gnome - GNOME frontend for VLC (dummy legacy package) vlc-gtk - GTK+ frontend for VLC (dummy legacy package) vlc-plugin-alsa - ALSA audio output plugin for VLC vlc-plugin-arts - aRts audio output plugin for VLC vlc-plugin-esd - Esound audio output plugin for VLC vlc-plugin-ggi - GGI video output plugin for VLC vlc-plugin-glide - Glide video output plugin for VLC vlc-plugin-sdl - SDL video and audio output plugin for VLC vlc-plugin-svgalib - SVGAlib video output plugin for VLC vlc-qt - Qt frontend for VLC (dummy legacy package) vlc-sdl - SDL video and audio output plugin for VLC (dummy legacy package) wxvlc - wxWindows frontend for VLC Closes: 429726 Changes: vlc (0.8.1.svn20050314-1sarge3) oldstable-security; urgency=high . * modules/codec/theora.c modules/codec/vorbis.c modules/services_discovery/sap.c: + Fix format string vulnerabilities (VideoLAN-SA-0702) (Closes: #429726). * modules/misc/svg.c: + Fix memory leaks that could cause denials of service. * modules/demux/avi/libavi.c: + Fix a buffer overflow. * modules/codec/flac.c modules/demux/wav.c modules/misc/freetype.c src/video_output/vout_subpictures.c src/audio_output/dec.c: + Fix missing checks that could cause denials of service. Files: 5902b04c1e1b526a1bc5817e70daa34e 1916 graphics optional vlc_0.8.1.svn20050314-1sarge3.dsc 0c881ec5261a7c670ab35e2068b3a4b3 3877 graphics optional vlc_0.8.1.svn20050314-1sarge3.diff.gz e469192f315a024ef1d5f7ea8fbb17ce 5248706 graphics optional vlc_0.8.1.svn20050314-1sarge3_i386.deb fbce776d067f9c7c44479d7613169b23 736546 libdevel optional libvlc0-dev_0.8.1.svn20050314-1sarge3_i386.deb f36ad7b97dc9009b1860e6933634d84a 1266 oldlibs optional gnome-vlc_0.8.1.svn20050314-1sarge3_i386.deb cedc5bb40e56d3ab2a67775730335885 1270 oldlibs optional gvlc_0.8.1.svn20050314-1sarge3_i386.deb 46c8c84550748386e1986a81a2cbc053 4666 graphics optional vlc-plugin-esd_0.8.1.svn20050314-1sarge3_i386.deb eac10b6ca4426e778c67a9c6d2f9b80a 10476 graphics optional vlc-plugin-alsa_0.8.1.svn20050314-1sarge3_i386.deb a215ef7fa994cb7c2c62605e6e993e00 10590 graphics optional vlc-plugin-sdl_0.8.1.svn20050314-1sarge3_i386.deb f2a51c5a740904f6033a10e120a86fae 6394 graphics optional vlc-plugin-ggi_0.8.1.svn20050314-1sarge3_i386.deb 46d191653b8a18d4ce5470180eb09ff9 4670 graphics optional vlc-plugin-glide_0.8.1.svn20050314-1sarge3_i386.deb 808716d59e2a962c1fe39992178886cc 962 oldlibs optional qvlc_0.8.1.svn20050314-1sarge3_i386.deb 413d8a7978830fc2393037a4c61a5997 4422 graphics optional vlc-plugin-arts_0.8.1.svn20050314-1sarge3_i386.deb 22c0dd3f865f8cb6b5033d1eb5fccc55 582404 graphics optional mozilla-plugin-vlc_0.8.1.svn20050314-1sarge3_i386.deb 4c4ec5557139c28341c8ea7c307fee55 974 oldlibs optional kvlc_0.8.1.svn20050314-1sarge3_i386.deb ff9641f1ed96fd04d35dd67987f5560c 4760 graphics optional vlc-plugin-svgalib_0.8.1.svn20050314-1sarge3_i386.deb 190fe495c41bcb7ccf218c8691d0228a 302670 graphics optional wxvlc_0.8.1.svn20050314-1sarge3_i386.deb 1d2cfec3d34a277e797f2cbae71bdf82 874 oldlibs optional vlc-alsa_0.8.1.svn20050314-1sarge3_i386.deb 18a7414979e45f307d69e56c148b6f6e 874 oldlibs optional vlc-esd_0.8.1.svn20050314-1sarge3_i386.deb d949314bc1b63b771abbb5d77751c989 876 oldlibs optional vlc-ggi_0.8.1.svn20050314-1sarge3_i386.deb 12e0f9d1a1e0510c78a43cc23d4f133b 878 oldlibs optional vlc-glide_0.8.1.svn20050314-1sarge3_i386.deb d4e1708e97bff2da33e8a5e16486c12b 874 oldlibs optional vlc-gnome_0.8.1.svn20050314-1sarge3_i386.deb 97338ecea63d9de8d1f6eba834b3921e 866 oldlibs optional vlc-gtk_0.8.1.svn20050314-1sarge3_i386.deb 62374cc455429e596e6a841a81073cfc 862 oldlibs optional vlc-qt_0.8.1.svn20050314-1sarge3_i386.deb ed943da06bea3318189df46fa6a7cb67 880 oldlibs optional vlc-sdl_0.8.1.svn20050314-1sarge3_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFGeb4xfPP1rylJn2ERAuffAJ43nP64EtzOBWYqP8ItX9BCnBwR/gCfcUCw PKh7l3RsJk/jxVWiqImrJWk= =4M5T -----END PGP SIGNATURE-----
--- End Message ---