Your message dated Tue, 20 Mar 2018 00:34:50 +0000 with message-id <e1ey5eo-000ecn...@fasolo.debian.org> and subject line Bug#893525: fixed in sharutils 1:4.15.2-3 has caused the Debian Bug report #893525, regarding CVE-2018-1000097 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 893525: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893525 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: sharutils Severity: grave Tags: security This has been assigned CVE-2018-1000097: http://lists.gnu.org/archive/html/bug-gnu-utils/2018-02/msg00004.html Proposed patch at: http://lists.gnu.org/archive/html/bug-gnu-utils/2018-02/msg00005.html Cheers, Moritz
--- End Message ---
--- Begin Message ---Source: sharutils Source-Version: 1:4.15.2-3 We believe that the bug you reported is fixed in the latest version of sharutils, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 893...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Santiago Vila <sanv...@debian.org> (supplier of updated sharutils package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Tue, 20 Mar 2018 01:09:02 +0100 Source: sharutils Binary: sharutils sharutils-doc Architecture: source Version: 1:4.15.2-3 Distribution: unstable Urgency: medium Maintainer: Santiago Vila <sanv...@debian.org> Changed-By: Santiago Vila <sanv...@debian.org> Description: sharutils - shar, unshar, uuencode, uudecode sharutils-doc - Documentation for GNU sharutils Closes: 893525 Changes: sharutils (1:4.15.2-3) unstable; urgency=medium . * Apply patch from Petr Pisar to fix heap buffer overflow in unshar. This is CVE-2018-1000097. Closes: #893525. Checksums-Sha1: 9aa6ff13e320b0f2afb1af87cf6ea97e60fc4363 1466 sharutils_4.15.2-3.dsc 0ccde1b63f13c1da583deacaccd9e93a4097c399 7776 sharutils_4.15.2-3.debian.tar.xz 103ae770f83a747b4008d80d99d77bd17f177348 5498 sharutils_4.15.2-3_source.buildinfo Checksums-Sha256: b40450f5e5ea6f55684e30a04316a4fa1bbf78d19a4d8ee51bd42c648d49ff2b 1466 sharutils_4.15.2-3.dsc 0dbdc08ebe2b274dabbbecc2df1bcb83ef9a2db94a954e43b85afcc6c4ef9efc 7776 sharutils_4.15.2-3.debian.tar.xz cecaa271a3ba2084bc9166099df9347e4c24719f4503b9e75ffdbbb86927a934 5498 sharutils_4.15.2-3_source.buildinfo Files: 28cf1c79b19d630f14988eb65c29fc76 1466 utils optional sharutils_4.15.2-3.dsc 6da9ccfdda13389cfdeb044cd9e37238 7776 utils optional sharutils_4.15.2-3.debian.tar.xz beb55139090e48d19ec8aa405b1c62f8 5498 utils optional sharutils_4.15.2-3_source.buildinfo -----BEGIN PGP SIGNATURE----- iQEzBAEBCAAdFiEE1Uw7+v+wQt44LaXXQc5/C58bizIFAlqwUa4ACgkQQc5/C58b izLw/Qf/RtxYjGSWFxNe79Klg3iSa0He2ZPouL5J8iPXDjYDEWzpsJfKyUnCzjyM Ms++ED97j/qZuNYeVfvCxJlELjCr3TyDZH3ZVakKCSTbQbpJGVOQwJfTtbi/ZVSQ qldFZWK7Ju//WLaN8acyZgm3ca3MLjiserFXnlgY6KHljivly8tOvsRO0AbxkCvo RJsSqGVGmpPqc9VegzfJy3GsMf3X7mfb9FDVKksXNIyJgOFIanWaSL4D0S8HftWb Pn68o5RxYjQGSWnLV88xTtd9eE35qQb95/ijmFYZ8EIY9Zb7utVmlVnuYt5p4m0V zbtBiV/3170gru952pIuWA20Zz+YGw== =7PLB -----END PGP SIGNATURE-----
--- End Message ---
