Your message dated Mon, 09 Apr 2012 03:02:30 +0000
with message-id <[email protected]>
and subject line Bug#667475: fixed in libpng 1.2.49-1
has caused the Debian Bug report #667475,
regarding [libpng12-0] CVE-2011-3048: memory corruption flaw
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
667475: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=667475
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: libpng12-0
Version: 1.2.47-2
Severity: normal
Tags: security
X-Debbugs-CC: [email protected]
CVE-2011-3048 is fixed in the following libpng versions: 1.0.59, 1.2.49, 1.4.11,
1.5.10 and 1.6.0beta20. Can you upgrade to version 1.2.49?
--- System information. ---
Architecture: amd64
Kernel: Linux 3.2.0-2-amd64
Debian Release: wheezy/sid
500 unstable www.emdebian.org
500 unstable http.us.debian.org
500 stable security.debian.org
--- Package information. ---
Depends (Version) | Installed
========================-+-=============
libc6 (>= 2.11) | 2.13-27
zlib1g (>= 1:1.1.4) | 1:1.2.6.dfsg-2
Package's Recommends field is empty.
Package's Suggests field is empty.
--- End Message ---
--- Begin Message ---
Source: libpng
Source-Version: 1.2.49-1
We believe that the bug you reported is fixed in the latest version of
libpng, which is due to be installed in the Debian FTP archive:
libpng12-0-udeb_1.2.49-1_mipsel.udeb
to main/libp/libpng/libpng12-0-udeb_1.2.49-1_mipsel.udeb
libpng12-0_1.2.49-1_mipsel.deb
to main/libp/libpng/libpng12-0_1.2.49-1_mipsel.deb
libpng12-dev_1.2.49-1_mipsel.deb
to main/libp/libpng/libpng12-dev_1.2.49-1_mipsel.deb
libpng3_1.2.49-1_mipsel.deb
to main/libp/libpng/libpng3_1.2.49-1_mipsel.deb
libpng_1.2.49-1.debian.tar.bz2
to main/libp/libpng/libpng_1.2.49-1.debian.tar.bz2
libpng_1.2.49-1.dsc
to main/libp/libpng/libpng_1.2.49-1.dsc
libpng_1.2.49.orig.tar.bz2
to main/libp/libpng/libpng_1.2.49.orig.tar.bz2
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Anibal Monsalve Salazar <[email protected]> (supplier of updated libpng package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 09 Apr 2012 12:08:13 +1000
Source: libpng
Binary: libpng12-0 libpng12-dev libpng3 libpng12-0-udeb
Architecture: source mipsel
Version: 1.2.49-1
Distribution: unstable
Urgency: high
Maintainer: Anibal Monsalve Salazar <[email protected]>
Changed-By: Anibal Monsalve Salazar <[email protected]>
Description:
libpng12-0 - PNG library - runtime
libpng12-0-udeb - PNG library - minimal runtime library (udeb)
libpng12-dev - PNG library - development
libpng3 - PNG library - runtime
Closes: 667475 668082
Changes:
libpng (1.2.49-1) unstable; urgency=high
.
* New upstream version 1.2.49
- Fix CVE-2011-3048 (memory corruption flaw)
Closes: 667475
- Don't crash with electric fence memory debugger
Closes: 668082
* Merged upstream: 02-665208-CVE-2012-3045.patch
Checksums-Sha1:
97bc62e067dd4f028dca4cafc37ca889eed077b5 1976 libpng_1.2.49-1.dsc
93cdd7e4fe01b490cf045e3f354ab38f0200c540 669011 libpng_1.2.49.orig.tar.bz2
b66e6fbaa296a21a2c19922393111c0f1b503a0e 15926 libpng_1.2.49-1.debian.tar.bz2
954068cd8d070e297f4bf0ffdcc636b6db112b9d 184718 libpng12-0_1.2.49-1_mipsel.deb
6af14f453cccb01fd66bd2343c409c1ce5ca3b02 274834
libpng12-dev_1.2.49-1_mipsel.deb
ce0ee517ecd9be13b4543b8d950bec4797ef3e50 950 libpng3_1.2.49-1_mipsel.deb
fc7edba93fef4acbcf7c9b48000f3dae11a245e1 70266
libpng12-0-udeb_1.2.49-1_mipsel.udeb
Checksums-Sha256:
de69dd0f9a8b4758d991cafb43afbec6c92f1e9c175e48ad399cd28273c2d309 1976
libpng_1.2.49-1.dsc
fbf8faa70ebca2ed2ee6df6f2249f4722517b581af5b6c3c71bbdaf925d5954e 669011
libpng_1.2.49.orig.tar.bz2
02c9d8ae3e62eb7fc7848827957b23f0b3120f59c9254b255417d371a2f17929 15926
libpng_1.2.49-1.debian.tar.bz2
16977d7395735909a35168a45581e7ab3a911e24ff6f08fa2e2804d0232599a2 184718
libpng12-0_1.2.49-1_mipsel.deb
fe34f6ee1dcba4428005363115830b69ea4ed3de2d4a4299025faca525c78425 274834
libpng12-dev_1.2.49-1_mipsel.deb
2c6f73ee7ec6a3b981a7da6ddee169f031a85735ede482b9db68b643a89a1450 950
libpng3_1.2.49-1_mipsel.deb
a1ee89fc2f4c2c7c97d24f929599c4d5bb74f33b9161815484cc1d550acf830e 70266
libpng12-0-udeb_1.2.49-1_mipsel.udeb
Files:
e76f6a73dc3957d394277c502c23728b 1976 libs optional libpng_1.2.49-1.dsc
d5106b70b4f8b464a7da66bffe4565fb 669011 libs optional
libpng_1.2.49.orig.tar.bz2
255fa917ea45c837c1635de4eee936d5 15926 libs optional
libpng_1.2.49-1.debian.tar.bz2
5df8b116c4dbabb51226cf0c0c1e1fbd 184718 libs optional
libpng12-0_1.2.49-1_mipsel.deb
074dc66c38daca0d1148127bd2e2b9bd 274834 libdevel optional
libpng12-dev_1.2.49-1_mipsel.deb
5c1434b8e011f72ade7412b72ebf5d29 950 oldlibs optional
libpng3_1.2.49-1_mipsel.deb
f789f9da1a18de2dc464bf54657f0409 70266 debian-installer extra
libpng12-0-udeb_1.2.49-1_mipsel.udeb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAEBCAAGBQJPgk6CAAoJEHxWrP6UeJfYB04P/0fgXdXUf/RyzPSw1vAadaSM
j3bPqqfwNIDA88fEGAPtF5MfMDBjFZwzmXj3Lpjr5NBCVDPVA44Yb7e3pjVW9IkG
XCUgl2J0us0q/8XcITMe2y7wY9WgKweZfj/rpPGB/ED2M3hYZ/VJXp0Ib/Fv4ztY
2hmqEjtP5aqhOfCDwEA7GZKM+aE1ZdakRZZ6vZMw7+rHlywfWLDRUdxcZVk4Fhlj
eeHIQTRDZNA77+tvGBP6FScbwGi82rEI/Ns5r6Xj7G9cMPcqkDylTay+p/aHv35a
fI9//B0UChmrVxnL6MP6Huf8f0dVExQQrpEfWT1+7MLPRMsHuC7IxNUV0s6P3nV/
Hs9fJyI8bCfBhU09WmZV+pXf5b6S5dqEIL+kosPxjUyRqI1fMK4aTyhPe8McaGwj
YVI3ZetqoaOcBOMjw3YroTpTyxAYwpprSWbyaOtZHUyLlNEIZ9MVX4N1RL7wVet+
9VUkQPFBU7iMy51hFcsu/t9FMpNaYnBqmwd1jMWfjgnDWS32SMLfxKboxAZvjM9V
rDNvh9CFDSRJSP4VCEjipkvXd/JnTcgbskO45pox5JXhHG9Ye3BAm728IkaAgfUL
uJfamXJWGhDBIo1ORyx1e7ZX2eqZZjNW9ILUtkPYf7+Gq86nvwloEwlzeph5yykd
eqbfD373LBcmBm6wAeAK
=JLWT
-----END PGP SIGNATURE-----
--- End Message ---
