Your message dated Thu, 19 Sep 2019 22:08:35 +0000 with message-id <e1ib4bl-0001jh...@fasolo.debian.org> and subject line Bug#924610: fixed in libsdl2 2.0.10+dfsg1-1 has caused the Debian Bug report #924610, regarding libsdl2: Multiple security issues to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 924610: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924610 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: libsdl2 Severity: grave Tags: security Hi, a number of security issues were found in SDL, please see the following links for references. https://security-tracker.debian.org/tracker/CVE-2019-7638 https://security-tracker.debian.org/tracker/CVE-2019-7637 https://security-tracker.debian.org/tracker/CVE-2019-7636 https://security-tracker.debian.org/tracker/CVE-2019-7635 https://security-tracker.debian.org/tracker/CVE-2019-7578 https://security-tracker.debian.org/tracker/CVE-2019-7577 https://security-tracker.debian.org/tracker/CVE-2019-7576 https://security-tracker.debian.org/tracker/CVE-2019-7575 https://security-tracker.debian.org/tracker/CVE-2019-7574 https://security-tracker.debian.org/tracker/CVE-2019-7573 https://security-tracker.debian.org/tracker/CVE-2019-7572 Some bugs have links to upstream fixes, I think we can go ahead and merge those. The others have proposed patches, but let's not rush any upload and wait until these are properly reviewed/merged by upstream. Cheers, Moritz
--- End Message ---
--- Begin Message ---Source: libsdl2 Source-Version: 2.0.10+dfsg1-1 We believe that the bug you reported is fixed in the latest version of libsdl2, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 924...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Felix Geyer <fge...@debian.org> (supplier of updated libsdl2 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 19 Sep 2019 23:50:39 +0200 Source: libsdl2 Architecture: source Version: 2.0.10+dfsg1-1 Distribution: unstable Urgency: medium Maintainer: Debian SDL packages maintainers <pkg-sdl-maintain...@lists.alioth.debian.org> Changed-By: Felix Geyer <fge...@debian.org> Closes: 892087 924610 939249 Changes: libsdl2 (2.0.10+dfsg1-1) unstable; urgency=medium . * New upstream release. (Closes: #939249) - Fixes warnings with -Wundef on non-x86 hosts. (Closes: #892087) - Fixes CVE-2019-7572, CVE-2019-7573, CVE-2019-7574, CVE-2019-7575, CVE-2019-7576, CVE-2019-7577, CVE-2019-7578, CVE-2019-7635, CVE-2019-7636, CVE-2019-7638 and CVE-2019-13626 (Closes: #924610) * Drop fix-cross-building-907711.patch, fixed upstream. * Bump SHLIBVER to 2.0.10. * Add support for nodoc build-profile. * Switch to debhelper compat level 12. * Cherry-pick upstream fix for CVE-2019-13616. * Mark autopkgtests as superficial. Checksums-Sha1: 0d8ad8c262f1f331083b19e06f4093cd72c00074 2823 libsdl2_2.0.10+dfsg1-1.dsc 36a22d420157c9dad291d8a2ce27065ac5e0213d 2550516 libsdl2_2.0.10+dfsg1.orig.tar.xz b4100b3207c9c7a67a9564a8dbfc474f6f95b7b3 17736 libsdl2_2.0.10+dfsg1-1.debian.tar.xz Checksums-Sha256: e2252a09f6831a1ce3d10b1d6174b0f0f3602b128916d4df490ec6d3fa898fe1 2823 libsdl2_2.0.10+dfsg1-1.dsc 8a425d050c492cd0c352b522beea2c379938c4be0d47607db5b1b68f2ddc7fee 2550516 libsdl2_2.0.10+dfsg1.orig.tar.xz 5a0dc089fda3d01d342f5f38cafb65954c863eadfe3f97259aa14535c0cb13c5 17736 libsdl2_2.0.10+dfsg1-1.debian.tar.xz Files: ba6a204a4b7d58b5e4198bdc5095fb09 2823 libs optional libsdl2_2.0.10+dfsg1-1.dsc 677763f073f2ce8e7600eabd0a938ef0 2550516 libs optional libsdl2_2.0.10+dfsg1.orig.tar.xz c69a3d75bb731e57bdce70645f1a67d6 17736 libs optional libsdl2_2.0.10+dfsg1-1.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEFkxwUS95KUdnZKtW/iLG/YMTXUUFAl2D+gcACgkQ/iLG/YMT XUUjFBAAhIFjOJs/jO4BG2r3L9g//MyLqrB9UesjEbxOpxOYOLpQpmvLRU1MdN0R MSF4445STPLN60s38xwWPVvpwFDvyDTll7cOaNyhU6RQbGqhbWq5d+GKoKZvVba6 +U/7DDCeilfs870FO6meHDCaMU8J4/5lMW3uXZi+hvicGkjCQUrG2RTOgk42a2GA dm7uBw2eXblntEsgi8+X0uCdkyFCfiKCGldqfTaF36D+/ooEOCRh3Ok+/elrTbOD sKP8+rnErZbjKVVBfHExy6REkWWc+piinPyf3lxtqxZPTg8d9z+MNaT26JNnGJb/ /BIbYXlDk015eQH64GYp+cQfukOdQHHdIc7/IUNKxTv2xWd7iBh3Pu8CcWXU9r+L frv8hyB7QnDEGgi3t3odY6OVB8BY8XaMVclm1f7t9IXFr0MzaNUhGE3/CS1dKkeV 9ivSR/qiRnaT3/ohQZwBb/nl8QTQ2yMaKuW4XyDozXepcPs0MqLaolMmdaSfVucV RVPE8H6foeBr/1FNzxr49WZu7JUZJfMOtKNgyZnR9QbcqEVgifjacYWBq1Vk77cy 6yraE11VbIWcDZG2392GeVpH7N6gbY4C2D3OsN6HiSe++A+UoKwgfQEcWLvoxFry lARS2t9IDvHmcg1MapaYL1PEb1taSWtVFJGt5+xYb523rEJQ5eQ= =bmmh -----END PGP SIGNATURE-----
--- End Message ---
