Your message dated Mon, 09 Apr 2012 03:47:56 +0000
with message-id <[email protected]>
and subject line Bug#667475: fixed in libpng 1.5.10-1
has caused the Debian Bug report #667475,
regarding [libpng12-0] CVE-2011-3048: memory corruption flaw
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
667475: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=667475
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: libpng12-0
Version: 1.2.47-2
Severity: normal
Tags: security
X-Debbugs-CC: [email protected]
CVE-2011-3048 is fixed in the following libpng versions: 1.0.59, 1.2.49, 1.4.11,
1.5.10 and 1.6.0beta20. Can you upgrade to version 1.2.49?
--- System information. ---
Architecture: amd64
Kernel: Linux 3.2.0-2-amd64
Debian Release: wheezy/sid
500 unstable www.emdebian.org
500 unstable http.us.debian.org
500 stable security.debian.org
--- Package information. ---
Depends (Version) | Installed
========================-+-=============
libc6 (>= 2.11) | 2.13-27
zlib1g (>= 1:1.1.4) | 1:1.2.6.dfsg-2
Package's Recommends field is empty.
Package's Suggests field is empty.
--- End Message ---
--- Begin Message ---
Source: libpng
Source-Version: 1.5.10-1
We believe that the bug you reported is fixed in the latest version of
libpng, which is due to be installed in the Debian FTP archive:
libpng-dev_1.5.10-1_mipsel.deb
to main/libp/libpng/libpng-dev_1.5.10-1_mipsel.deb
libpng15-15-udeb_1.5.10-1_mipsel.udeb
to main/libp/libpng/libpng15-15-udeb_1.5.10-1_mipsel.udeb
libpng15-15_1.5.10-1_mipsel.deb
to main/libp/libpng/libpng15-15_1.5.10-1_mipsel.deb
libpng_1.5.10-1.debian.tar.bz2
to main/libp/libpng/libpng_1.5.10-1.debian.tar.bz2
libpng_1.5.10-1.dsc
to main/libp/libpng/libpng_1.5.10-1.dsc
libpng_1.5.10.orig.tar.bz2
to main/libp/libpng/libpng_1.5.10.orig.tar.bz2
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Anibal Monsalve Salazar <[email protected]> (supplier of updated libpng package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 09 Apr 2012 13:29:39 +1000
Source: libpng
Binary: libpng15-15 libpng-dev libpng15-15-udeb
Architecture: source mipsel
Version: 1.5.10-1
Distribution: experimental
Urgency: high
Maintainer: Anibal Monsalve Salazar <[email protected]>
Changed-By: Anibal Monsalve Salazar <[email protected]>
Description:
libpng-dev - PNG library - development
libpng15-15 - PNG library - runtime
libpng15-15-udeb - PNG library - minimal runtime library (udeb)
Closes: 667475
Changes:
libpng (1.5.10-1) experimental; urgency=high
.
* New upstream version 1.5.10
- Fix CVE-2011-3048 (memory corruption flaw)
Closes: 667475
* Standards Version is 3.9.3
Checksums-Sha1:
07e4c5daa3e41d9c3e399c869e0c303f396e39a0 1923 libpng_1.5.10-1.dsc
e0e3de999095b737d134bd5f76d27188d26a41b2 875183 libpng_1.5.10.orig.tar.bz2
1fa9215f81bfdfa8284a44e4eeda46da7448b2c7 15874 libpng_1.5.10-1.debian.tar.bz2
a0da0a9a903d59b94f4644457055918d07d74c02 231398 libpng15-15_1.5.10-1_mipsel.deb
6676d7ec9bdf6e73a61f26311bfef467abff1285 314804 libpng-dev_1.5.10-1_mipsel.deb
75b1d0a9ca2a4d9a2fafeaad0dd54f0c4a706914 79696
libpng15-15-udeb_1.5.10-1_mipsel.udeb
Checksums-Sha256:
bdd876ea3e8c2444b4801069c7fbc0a19ab0a24eb68735a0faea2cbfcb2bf9e9 1923
libpng_1.5.10-1.dsc
4d044852d3fbe5c0fad51f80f3f9bd519a6d5e1997079b165aa2292bd706cd5d 875183
libpng_1.5.10.orig.tar.bz2
9a143cbf6330b6563070094bdb2b6800dffb3ec4832ffca1519c1bc724cbf0f7 15874
libpng_1.5.10-1.debian.tar.bz2
6ee938b38a7e0d13d9454701206eaa82786ed78a34b5eb9d698c9bcd9125b63e 231398
libpng15-15_1.5.10-1_mipsel.deb
70419d341e0aface94d98f028d291f5569f067d8793de72151c94d7a9b3c90bb 314804
libpng-dev_1.5.10-1_mipsel.deb
0865e19fe56e793d7590f7502c720fede5ef3fd98fad378c21a05c915f8685cb 79696
libpng15-15-udeb_1.5.10-1_mipsel.udeb
Files:
dbc79957344654381d1cd43ce39f896f 1923 libs optional libpng_1.5.10-1.dsc
f4395eaf426bdd870446c246df307aae 875183 libs optional
libpng_1.5.10.orig.tar.bz2
2bd5931aac0601710006e13cdaef800a 15874 libs optional
libpng_1.5.10-1.debian.tar.bz2
1a8f27d9029b8eb1f3eac1418917f130 231398 libs optional
libpng15-15_1.5.10-1_mipsel.deb
e524c8f2bb9af992426dfbb1ef9e21fc 314804 libdevel optional
libpng-dev_1.5.10-1_mipsel.deb
93d515433f2211e3cedef5e985c9485c 79696 debian-installer extra
libpng15-15-udeb_1.5.10-1_mipsel.udeb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAEBCAAGBQJPglrRAAoJEHxWrP6UeJfYC/YP/0setMYuwWlDyf/64+ERPAQ7
WlSOzEx3TmBw1GxOA7iiyQZtpiSGhUeqZRIeJSEJEVLg/HOYQgVpTdaPRSHpkI8Z
Atq9HMMeuoOXtQwRRhf2TbUY6KnLFEfrjyQGdfLuUV1uKwt2v30fddboRslJ5vAH
qjY36IIlnOL88vRbO0vv4eMDHI2OhEFaC6OAM1dIj0caxGS67oQXkoIwWbvx/NxW
efBTA+9VUld8EDvkUCSFNrQ1QmYPNKr2+AwQQn/KbNrxxKoBBlkblrtFY8LjEVqP
gvDF7q4d3iSEc64lU+95+Sy4ajTvUn+97uolJV8NQrP0xQ6GnSRTdRKB683Mu4gf
w/ndGpXucUzNZXYNO0PfcjdSgfLCTcHonAfbhSbNJsv5cfpWkJBGUb76yxyt+2y8
HoE/E31fZApTfZMmsVng60bw03ssz+FRnyeLFa6NEFFdgU6ZJbKgZliJ7f+togMC
imteSh9ILzxhLzjBsIFklEWxltkijceIX2ALS4ePxlVj+ARinD+tGt1EIPd3sSgL
YqvppNT24EOBV/l3ZCYh0gK9rC1HwXvTyro5NTDKv7zgfz70CN4vEHKr9/GAwDgV
1DPxA9K7AbHAilHrwlYMeUIYVSAKFA07qa1GcneXbzyN1zgEp98xxIBxVep7RAMR
1hq4GZxAQnrRiTQ8Euw5
=prVM
-----END PGP SIGNATURE-----
--- End Message ---
