Your message dated Sun, 12 Jan 2014 22:02:34 +0000
with message-id <e1w2t74-0003gp...@franck.debian.org>
and subject line Bug#711163: fixed in srtp 1.4.4~dfsg-6+deb6u1
has caused the Debian Bug report #711163,
regarding srtp: CVE-2013-2139
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
711163: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=711163
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: srtp
Severity: grave
Tags: security
This was assigned CVE-2013-2139:
http://seclists.org/fulldisclosure/2013/Jun/10
Fix:
https://github.com/cisco/libsrtp/pull/27
Cheers,
Moritz
--- End Message ---
--- Begin Message ---
Source: srtp
Source-Version: 1.4.4~dfsg-6+deb6u1
We believe that the bug you reported is fixed in the latest version of
srtp, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 711...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Salvatore Bonaccorso <car...@debian.org> (supplier of updated srtp package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 02 Jan 2014 16:22:57 +0100
Source: srtp
Binary: libsrtp0-dev libsrtp0 srtp-docs srtp-utils
Architecture: source all amd64
Version: 1.4.4~dfsg-6+deb6u1
Distribution: squeeze-security
Urgency: high
Maintainer: Jonas Smedegaard <d...@jones.dk>
Changed-By: Salvatore Bonaccorso <car...@debian.org>
Description:
libsrtp0 - Secure RTP (SRTP) and UST Reference Implementations - shared libr
libsrtp0-dev - Secure RTP (SRTP) and UST Reference Implementations -
development
srtp-docs - Secure RTP (SRTP) and UST Reference Implementations - documentati
srtp-utils - Secure RTP (SRTP) and UST Reference Implementations - utilities
Closes: 711163
Changes:
srtp (1.4.4~dfsg-6+deb6u1) squeeze-security; urgency=high
.
* Non-maintainer upload by the Security Team.
* Add 1009_CVE-2013-2139.patch patch.
CVE-2013-2139: buffer overflow in application of crypto profiles.
(Closes: #711163)
Checksums-Sha1:
b68931a4b264c7f8902cd99abdb62316b28dc30e 2027 srtp_1.4.4~dfsg-6+deb6u1.dsc
fdc0db5be8102ab061dc7aba1c59062904e6871f 241720 srtp_1.4.4~dfsg.orig.tar.gz
2035d4a47b042327ed0c0466bb93958d66bec3ba 31983
srtp_1.4.4~dfsg-6+deb6u1.debian.tar.gz
b88f3ea44c277cca588e24e64967420db679daef 224956
srtp-docs_1.4.4~dfsg-6+deb6u1_all.deb
0b47e5196f2e7b9d3b39dbadcbe1a2bf5a5e9d2c 86260
libsrtp0-dev_1.4.4~dfsg-6+deb6u1_amd64.deb
17ce23232b739ab8a3c05f929efe99fa8ff79ae5 52304
libsrtp0_1.4.4~dfsg-6+deb6u1_amd64.deb
71d6dfe0c8146b27b4c6498a246c04e568136fba 203744
srtp-utils_1.4.4~dfsg-6+deb6u1_amd64.deb
Checksums-Sha256:
f3e7575aa4544e5223f8484c6b88f5dd53862f9780d4b059fb00b28670e24e17 2027
srtp_1.4.4~dfsg-6+deb6u1.dsc
57581a5cd1fe6918497588c24745b257e197be6beffb1314705a62c4d5760166 241720
srtp_1.4.4~dfsg.orig.tar.gz
d96a0d3be96d5e8eb2a9f385da41acf9ba0d29d63df904f97af30541b1540192 31983
srtp_1.4.4~dfsg-6+deb6u1.debian.tar.gz
5270eab340b5a207532b60cc4f9d127baeca30c17101de1f28a58db93bbe912e 224956
srtp-docs_1.4.4~dfsg-6+deb6u1_all.deb
ad92bc85ad55d3ee04de63808f63b6d85e847cb8c409e6a38e1b1e2d6d7d4779 86260
libsrtp0-dev_1.4.4~dfsg-6+deb6u1_amd64.deb
fc0d92084f3a5c1b04be504e8f7255341a516c3d46c5a363f177cb057200804a 52304
libsrtp0_1.4.4~dfsg-6+deb6u1_amd64.deb
4dd31a92ea4957c4b104f11f84fe8f295b4a1979a4024ff1083eab117041657d 203744
srtp-utils_1.4.4~dfsg-6+deb6u1_amd64.deb
Files:
245644589be93acdd472594ebc1e64b0 2027 libs optional
srtp_1.4.4~dfsg-6+deb6u1.dsc
d3326fe2e129e94e29462ab60acae390 241720 libs optional
srtp_1.4.4~dfsg.orig.tar.gz
36fa41864c54a6aa667c274f48afa3bc 31983 libs optional
srtp_1.4.4~dfsg-6+deb6u1.debian.tar.gz
42f080e320877782b5df069c8ef0ab6e 224956 doc optional
srtp-docs_1.4.4~dfsg-6+deb6u1_all.deb
7408b0c970dd935fdc9a8b79e01051b7 86260 libdevel optional
libsrtp0-dev_1.4.4~dfsg-6+deb6u1_amd64.deb
b6c455f8815725cf97817ee1d8bdca87 52304 libs optional
libsrtp0_1.4.4~dfsg-6+deb6u1_amd64.deb
8c94345c5ae70cd93806d78659c08b2e 203744 libs optional
srtp-utils_1.4.4~dfsg-6+deb6u1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)
iQIcBAEBCgAGBQJSycTnAAoJEAVMuPMTQ89EYHkP/2bBJuTNFoJpoyEG5D8jp0Ay
6tLRIUnhQ8IAVxPg6sIVvo8NHaBsIFemStyd12/vEKLCD7fNBeabl+tbKOrSEXj+
3dvf09VhsusvXohhdZPBo2e5Tm3p5033jywStd+w55IY9nEUXDps4A3c/znnMirF
bzMZIMnK8tHcEq0WGv/n2SJCJ1O6m29UWljty9Q1tM6xFPvqb6iLIrFiKGGvpsEI
0w9N3suii2rQEI5fKaKDCX2fUV9f/LCE6RgoMtEZymVm1QNh0f0LayuA8miDcgns
UFs0T1BECxsZChNNpkiLcn6JKSIPza9XAZtIK2590KUPDwgRL+5fTuaXUdZ/UGDL
1gQwfyOqzhDejQt0Hm1vZ2jDJ1sruo3XGPcD7MB2STJT249IYH4jHqLhs0JPZQyy
aw7FGLe+k0k/Lm+Z8wUnq3luog1KmNE6gc0lV6Vl7FcL4s7575J8+F5MhO/3GOQl
K1JlHnzzU6+OVl+9r41+9bzpMl3mI7qEVgzgIL7tr2k+H7fiDkQWIX1L/jm3qNT3
t2Z30L5GldEn4RuyakLygIbQ6HGgTisl9MJodh1RaAaYie+dDm0o5xLPZCi6gW7h
w/0VGtenPBrI+5APq9xve2jssK33wH7Zbbf/tQae1t4rUuRh0s1f2HOfO5ggyxfl
Q2mUyxY1pEaU7/KFuYoV
=BwL6
-----END PGP SIGNATURE-----
--- End Message ---