Bug#601002: marked as done (libfreeimage3: No mention of embedded libraries in copyright file)

Debian Bug Tracking System Fri, 29 Oct 2010 06:33:33 -0700

Your message dated Fri, 29 Oct 2010 13:32:12 +0000
with message-id <e1pbp40-00039e...@franck.debian.org>
and subject line Bug#601002: fixed in freeimage 3.10.0-3
has caused the Debian Bug report #601002,
regarding libfreeimage3: No mention of embedded libraries in copyright file
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
601002: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601002
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Package: libfreeimage3
Version: 3.10.0-2
Severity: serious
Justification: Policy 12.5 Copyright Information

"Every package must be accompanied by a verbatim copy of its copyright
information and distribution license in the file
/usr/share/doc/package/copyright".

FreeImage ships embedded copies of libjpeg, libmng, libopenjpeg, libpng,
libtiff and openexr, but there is no mention of these works in the
copyright file.

-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (530, 'testing'), (520, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages libfreeimage3 depends on:
ii  libc6                         2.11.2-6   Embedded GNU C Library: Shared lib
ii  libgcc1                       1:4.4.5-4  GCC support library
ii  libstdc++6                    4.4.5-4    The GNU Standard C++ Library v3

libfreeimage3 recommends no packages.

libfreeimage3 suggests no packages.

-- no debconf information

--- End Message ---

--- Begin Message ---

Source: freeimage
Source-Version: 3.10.0-3

We believe that the bug you reported is fixed in the latest version of
freeimage, which is due to be installed in the Debian FTP archive:

freeimage_3.10.0-3.diff.gz
  to main/f/freeimage/freeimage_3.10.0-3.diff.gz
freeimage_3.10.0-3.dsc
  to main/f/freeimage/freeimage_3.10.0-3.dsc
libfreeimage-dev_3.10.0-3_amd64.deb
  to main/f/freeimage/libfreeimage-dev_3.10.0-3_amd64.deb
libfreeimage3-dbg_3.10.0-3_amd64.deb
  to main/f/freeimage/libfreeimage3-dbg_3.10.0-3_amd64.deb
libfreeimage3_3.10.0-3_amd64.deb
  to main/f/freeimage/libfreeimage3_3.10.0-3_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 601...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Julien Cristau <jcris...@debian.org> (supplier of updated freeimage package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Fri, 29 Oct 2010 14:46:46 +0200
Source: freeimage
Binary: libfreeimage-dev libfreeimage3 libfreeimage3-dbg
Architecture: source amd64
Version: 3.10.0-3
Distribution: unstable
Urgency: low
Maintainer: Debian QA Group <packa...@qa.debian.org>
Changed-By: Julien Cristau <jcris...@debian.org>
Description: 
 libfreeimage-dev - Support library for graphics image formats (development 
files)
 libfreeimage3 - Support library for graphics image formats (library)
 libfreeimage3-dbg - Support library for graphics image formats (debugging 
symbols)
Closes: 558857 595559 595560 601002 601762
Changes: 
 freeimage (3.10.0-3) unstable; urgency=low
 .
   * Don't use embedded copies of various libraries, add build-deps on their
     packaged versions (closes: #595560):
     - libjpeg 6b
     - libmng 1.0.9
     - libopenjpeg 1.2.0
     - libpng 1.2.23
       + CVE-2010-2249, CVE-2010-1205, CVE-2010-0205, CVE-2009-2042,
         CVE-2008-6218, CVE-2008-5907, CVE-2009-0040, CVE-2008-3964,
         CVE-2008-1382
     - openexr 1.6.1
       + CVE-2009-1720, CVE-2009-1721
     - zlib 1.2.3
   * The embedded libtiff copy is still used, because freeimage uses its
     internals and I couldn't figure out how to unentangle this.  Update the
     tiff copy to 3.9.4-5, though:
     CVE-2010-3087, CVE-2010-2483, CVE-2010-2482, CVE-2010-2481, CVE-2010-2443,
     CVE-2010-2233, CVE-2010-2067, CVE-2010-2065, CVE-2010-1411, CVE-2009-2347,
     CVE-2008-2327.
   * Add tiff copyright and license to debian/copyright (closes: #601002)
   * Link with -lm (closes: #558857).
   * Try to avoid arch-specific values in our copy of tif_config.h and
     tiffconf.h (closes: #601762)
   * Set LFS CFLAGS in Makefile.gnu.
   * Orphan package (closes: #595559).
Checksums-Sha1: 
 11e6b0d0e1eaf7413f64e1ce00e478006fd4cb81 1966 freeimage_3.10.0-3.dsc
 542471c11ecc15facf712c218416d2a5a41b3335 535198 freeimage_3.10.0-3.diff.gz
 0905735a7e997ed078f54f0d08064646b0261c8e 8057990 
libfreeimage-dev_3.10.0-3_amd64.deb
 078e561ca29d262f14a58e04a86109f725485ab0 801806 
libfreeimage3_3.10.0-3_amd64.deb
 39add70677607e057efc8dde26748dd51a2e5e44 2493874 
libfreeimage3-dbg_3.10.0-3_amd64.deb
Checksums-Sha256: 
 c821fbdcb7662c8e26b4e9938f96444197af2e7069007451c54e9d6cd86180e2 1966 
freeimage_3.10.0-3.dsc
 948f293e48478b73124ad21d37c75036287dabf2344b42e528965930eb49f98b 535198 
freeimage_3.10.0-3.diff.gz
 e726a8ec4bd0e3b09670205227f62570c32eb6901c3f8bd1ada955c272c36e56 8057990 
libfreeimage-dev_3.10.0-3_amd64.deb
 4b3e080935314281761855e9359799713eda765d07b868334aad1bf78d6ce814 801806 
libfreeimage3_3.10.0-3_amd64.deb
 636acadbd0dce6a88a60b24811762b8cdb12ce4f5b5e59a7d7edc6612d05d29a 2493874 
libfreeimage3-dbg_3.10.0-3_amd64.deb
Files: 
 5b45b910458a8a2274a5bc67a30fdeae 1966 libs optional freeimage_3.10.0-3.dsc
 c49cb524e138ac05478fd9fac90af473 535198 libs optional 
freeimage_3.10.0-3.diff.gz
 fdcc7a2a7000382a3dbbc9b0d613b19f 8057990 libdevel optional 
libfreeimage-dev_3.10.0-3_amd64.deb
 8b7bd5d88cd3ce8372134288f899afad 801806 libs optional 
libfreeimage3_3.10.0-3_amd64.deb
 b252bffa78ca8c095ea3fb1013a705f5 2493874 debug extra 
libfreeimage3-dbg_3.10.0-3_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQIcBAEBCAAGBQJMyshEAAoJEDEBgAUJBeQMjyoQAO01gDDNEtkxHVODBDTbLPZV
Aa2P53rikBTty2Ape/K0/iERp8Ny0jift++3eP3w+PFXcFh2aV4fL3MAb8IWRCG0
M9SWTp7TFNJCthoeW/Kqa/Q655nZlTWYMOnF7KvBS7vQE5xi26qK7gInxL4w/Eqh
ydb3MHooX8uU7+Nd0gXW1sDCI9lmWvgOZsATozSSDWGbwAI22n1LRy3m5vIlTXAA
gj1HWIi6g2G/YKJenFZqcIpWjS0fCK3QNfDuPV0KAVkzp0cFrGJ245IBeYoQAdxQ
333h8PdMsjkmLGYZYgocQCrhMo/u/wSE1H7ANE4BD9Xj2bDyM6xWgJPGauET2XlF
QbV4FQGuMK3V8U00D3CYA4wHputNCgeXNSPahnXtqFnVsHtJpxsRnWlvhhKKxjBd
UP1NImTRYdw+jchloJf1K9+VRLkIshhSAB/QExoOWN/+fBaxmDqbvcuxagILBx5F
+ELL3EBnOmW1wj3CPa9Qk9Ryu+2bGpG2RPEpAuPgurh3ccvmAtLDFW4A/Q5/clJ9
EC9q/e+SW+4JpUUeUkGkTSC9kG9gdcJ3rOkiMZ9z1Dijf2KklP9EQdJuVjBMof8D
CYNi9DWoX14fwz+at9izqhjBQwF1ymDIM2r7WXAH9XVuK0z7UBJR3gSFDwf1nQ7M
iaoiq6M34EcvwvLI9sH0
=CIOj
-----END PGP SIGNATURE-----

--- End Message ---

Bug#601002: marked as done (libfreeimage3: No mention of embedded libraries in copyright file)

Reply via email to