Bug#677195: marked as done (CVE-2012-2673)

Fri, 21 Sep 2012 13:51:22 -0700 

Your message dated Fri, 21 Sep 2012 20:49:06 +0000
with message-id <e1tfa9q-0006hh...@franck.debian.org>
and subject line Bug#677195: fixed in libgc 1:6.8-2
has caused the Debian Bug report #677195,
regarding CVE-2012-2673
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
677195: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=677195
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message --- 
Package: libgc
Severity: grave
Tags: security

Please see 
http://kqueue.org/blog/2012/03/05/memory-allocator-security-revisited/

The fixes for libgc are listed in Red Hat bugzilla:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-2673

Cheers,
        Moritz

--- End Message ---
--- Begin Message --- 
Source: libgc
Source-Version: 1:6.8-2

We believe that the bug you reported is fixed in the latest version of
libgc, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 677...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Christoph Egger <christ...@debian.org> (supplier of updated libgc package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Fri, 21 Sep 2012 10:58:18 -0700
Source: libgc
Binary: libgc1c2 libgc-dev
Architecture: source mipsel
Version: 1:6.8-2
Distribution: squeeze
Urgency: low
Maintainer: Christoph Egger <christ...@debian.org>
Changed-By: Christoph Egger <christ...@debian.org>
Description: 
 libgc-dev  - conservative garbage collector for C (development)
 libgc1c2   - conservative garbage collector for C and C++
Closes: 677195
Changes: 
 libgc (1:6.8-2) stable; urgency=low
 .
   * Change maintainer to myself for stable as well
 .
   * Use patch from Steve Beattie <sbeat...@ubuntu.com> / Ubuntu to fix
     CVE-2012-2673 (Closes: #677195):
       malloc.c, mallocx.c: check for integer overflow in internal
       malloc and calloc routines.
Checksums-Sha1: 
 4203116f711068199250fc7007e24ebc461d2206 1573 libgc_6.8-2.dsc
 9a451a5e2880a0a430057d50cf2a303ba48d0e22 333175 libgc_6.8-2.diff.gz
 8c39f6a4923f5dab0c3940a89141672dbaa8d61e 118832 libgc1c2_6.8-2_mipsel.deb
 b9e899ad98f37fd1a03d77ea083eb8ab4dc9e0c3 180306 libgc-dev_6.8-2_mipsel.deb
Checksums-Sha256: 
 b958e591f0c5fe0388f9816f2ab6a7a56778997daeb97ca47dd37c2d7a46fca7 1573 
libgc_6.8-2.dsc
 a63ffea5c71c6aef4a52c434bf8b86c5718b1abec0809cfac9eaa33802704b71 333175 
libgc_6.8-2.diff.gz
 55d06eacc87e144c3a7b177ab77dd749dd90ba7cf8a99b031582d0f87f4b7e45 118832 
libgc1c2_6.8-2_mipsel.deb
 f325778729296fe8ba3b155a7ce15d5bbd688030f212654190f837d913971246 180306 
libgc-dev_6.8-2_mipsel.deb
Files: 
 87015bf9e9523b97c8c2bd343ebbe6be 1573 libs standard libgc_6.8-2.dsc
 bad3c2eff96af2edbc3d76eeb43944ae 333175 libs standard libgc_6.8-2.diff.gz
 9b37f8cfd4f5c8fa342db06cd1ceb7d9 118832 libs standard libgc1c2_6.8-2_mipsel.deb
 affbe0ac5853c848f52ee978d6fbe953 180306 libdevel optional 
libgc-dev_6.8-2_mipsel.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/kFreeBSD)

iQIcBAEBAgAGBQJQXLX8AAoJEKv/7bJACMb5gRsQAJTQEl7AohQFx8WSg4yeYXSN
vTq1vW6Dl6PhVc9AT7Smgf6nZhm6KTc6Tfashi01yjG7uIAHUTYIdjkU966NKL1l
lZxQ7DDJ9ExmkbntPrIgtakFn4g2lXYJm5mIwOtyECkY6YEigz286AhJZiwHzIp6
0RAGwM45Oaq62fJYXTcPoEs2LaBFjfB6+rRGhtSef1RvgxB0KqEXzcyeJOIOTV/L
hDmpmRGyNar6cZRM6MaWwP2vRghPEBFJbtYhzMzFLQQe+8aTTCXx77RgaKEdEs8Z
qv5Y4EF1V7PMqNxhmbiwST6UIV7blfoM3adhLXM0OckH47HUGJm9D18dHkZbyag8
eWbN2/6P82FsXK6z+2+racysx0494PkOqMVsogtNf9U8oKhq7XRDZrSH2DV4ivP3
gs2OdIMeiEzMDiMCLZTDjjJkPBV6oJDE/RBJy2Tn1l7BLRuAXb1UnvNgNlWKDomD
T+FuKuDiCHfRkKEUoUWKn4itAVog3YjRlNx0QbJZvsEyJmFJ+3UtMEDaUfINwAIf
lnQEbqMHLfEMY5JwbKz0l5Po5DRq93qt+wTCTFBzMlomMP0Qf0YBu7Wn4TksJCEX
Vng0DaChWAcCc7+V4H1kBDEdmZhNZS2mgsL0DCVHiOKsPf4rdm8WBfVvITt8fPRO
pnk3lMGi1+bOMKJO6ux3
=fpFx
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to