Your message dated Sun, 04 May 2014 21:32:20 +0000 with message-id <e1wh41e-0007zb...@franck.debian.org> and subject line Bug#745301: fixed in libmms 0.6.2-3+deb7u1 has caused the Debian Bug report #745301, regarding libmms: CVE-2014-2892: heap-based buffer overflow to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 745301: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=745301 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: libmms Version: 0.6-1 Severity: grave Tags: security upstream fixed-upstream Hi, the following vulnerability was published for libmms. CVE-2014-2892[0]: heap-based buffer overflow If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2892 https://security-tracker.debian.org/tracker/CVE-2014-2892 [1] http://sourceforge.net/p/libmms/code/ci/03bcfccc22919c72742b7338d02859962861e0e8 Regards, Salvatore
--- End Message ---
--- Begin Message ---Source: libmms Source-Version: 0.6.2-3+deb7u1 We believe that the bug you reported is fixed in the latest version of libmms, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 745...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Sebastian Ramacher <sramac...@debian.org> (supplier of updated libmms package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Fri, 25 Apr 2014 16:14:59 +0200 Source: libmms Binary: libmms-dev libmms0 Architecture: source amd64 Version: 0.6.2-3+deb7u1 Distribution: wheezy-security Urgency: high Maintainer: Debian Multimedia Maintainers <pkg-multimedia-maintain...@lists.alioth.debian.org> Changed-By: Sebastian Ramacher <sramac...@debian.org> Description: libmms-dev - MMS stream protocol library - development files libmms0 - MMS stream protocol library - shared library Closes: 745301 Changes: libmms (0.6.2-3+deb7u1) wheezy-security; urgency=high . * Team upload. * debian/patches/0002-CVE-2014-2892.patch: Apply upstream patch for CVE-2014-2892. (Closes: #745301) Checksums-Sha1: cfc5a27d9413370bd5dd315eaa52459b420985f6 2063 libmms_0.6.2-3+deb7u1.dsc cdef62fd1a0e2585dd2111fc94b032f84290e351 340230 libmms_0.6.2.orig.tar.gz 2cf8f5b50cdad8e0eb358b8d8d1b46269173101c 7502 libmms_0.6.2-3+deb7u1.debian.tar.gz c1b985b593d52f4b9eb7a0fd19986d053d2c1873 48238 libmms-dev_0.6.2-3+deb7u1_amd64.deb f19df27ca8015220f3987927b13a045f90e95549 40820 libmms0_0.6.2-3+deb7u1_amd64.deb Checksums-Sha256: d53161c2a2091be0abcd8a02ec0504a5e835d9f0722fae052f4cbd3f63132a06 2063 libmms_0.6.2-3+deb7u1.dsc 01931b62172d7d7050fc9ef9b1b64162f3b6e9f6cc4415170192a32a0b7ea432 340230 libmms_0.6.2.orig.tar.gz 65e048ff9fbb494bc3bf584a1d4418625c8525d1f2fda26b8eb2506f8a6dd8ff 7502 libmms_0.6.2-3+deb7u1.debian.tar.gz b2eace182828a3e041db0d8deaba9fefdd919d5fd156731e66c1b0b96436f7ae 48238 libmms-dev_0.6.2-3+deb7u1_amd64.deb bf01315e2f3ebe0ba87f0f1aaf0e310301c25e51c4ed87c6f44496532915d2ff 40820 libmms0_0.6.2-3+deb7u1_amd64.deb Files: f7db094ab66ce239a02ac3ba0ee6f89e 2063 libs optional libmms_0.6.2-3+deb7u1.dsc 9f63aa363deb4874e072a45850161bff 340230 libs optional libmms_0.6.2.orig.tar.gz 4da361723ba4d79de643b0955d88edf6 7502 libs optional libmms_0.6.2-3+deb7u1.debian.tar.gz 2edfd5400f88ec1a753d2bc3aabeaea6 48238 libdevel optional libmms-dev_0.6.2-3+deb7u1_amd64.deb 9e2fbebfb1f2a854249fc02012e1c3d2 40820 libs optional libmms0_0.6.2-3+deb7u1_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJTWnxLAAoJEGny/FFupxmTGpwP/3BAFewhN+ldkZneua+OgdpB Mzi6oGg6BRsqYEjC0+4dvpCWV2cQyqGlqdYqc6mWrWAPJYdOAVxaDXVUjbvrGfSy dJOrY27duJOYbnd2QtdgtKkf3HV/bySoasniFGy5ryenWJVct5VxlU+UjZxIRCps wFu5yYvAsBsJzZEEB47GMz+225Tn+9bgAt1eN5I5M7H5bptDduTLQB2qXgcFNU3m lPOxPAENZAjSBnHeR/i1ycsW0+iIYqvueeAbgmB3T/JiZ3CLq3AJVRHQwuMXnRmp Hx5OwQnnDpEKb+XA3rl0rtTV3B4tnYFkbjYrsMy4NJc8vlTNf/4oKMoXXTw8AO/G Z5yzEqCVUutUkK4rCw8kr4CoebCRuw2myE05WuLa0PEXAQ7tmG38fAvs38sKs6mf skexmkDs3qivLrdZPZicLkq1cM7RQfP9v97GyoiIzQZ9WeHo+KTGrDVLnJyzWq86 p9k3NH8l/tHbcsMpoBTFMQl3OeM6aQBaMzemjc7Aiifii02q9lZJhMbahz8GBuww GQqnSCgcAkzx5byB89tcSy8tpzcpEYJi3XHDQo2wqn3vZ52wA23aL128Nms2PwIT WcwQuVL4MMHRwljaZSnqWglTlZd0Kb1XhKVPsklVaFT9kyRQfbXPcHo9IqYgKbhm WNWD3IFXUGeKmnuOH0WN =+8Iv -----END PGP SIGNATURE-----
--- End Message ---
