Your message dated Mon, 21 Dec 2015 05:34:17 +0000
with message-id <[email protected]>
and subject line Bug#807931: fixed in foomatic-filters 4.0.17-7
has caused the Debian Bug report #807931,
regarding foomatic-filters: CVE-2015-8560: code execution via improper escaping
of ; in foomatic-rip
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
807931: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=807931
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: foomatic-filters
Version: 4.0.5-6
Severity: important
Tags: security upstream patch
Hi,
the following vulnerability was published for foomatic-filters, this
is in addition to CVE-2015-8327.
CVE-2015-8560[0]:
code execution via improper escaping of ; in foomatic-rip
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2015-8560
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: foomatic-filters
Source-Version: 4.0.17-7
We believe that the bug you reported is fixed in the latest version of
foomatic-filters, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Jörg Frings-Fürst <[email protected]> (supplier of updated
foomatic-filters package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 16 Dec 2015 00:49:11 +0100
Source: foomatic-filters
Binary: foomatic-filters
Architecture: source
Version: 4.0.17-7
Distribution: unstable
Urgency: high
Maintainer: Jörg Frings-Fürst <[email protected]>
Changed-By: Jörg Frings-Fürst <[email protected]>
Description:
foomatic-filters - OpenPrinting printer support - filters
Closes: 806886 807931
Changes:
foomatic-filters (4.0.17-7) unstable; urgency=high
.
* New patch debian/patches/0500-r7406_also_consider_the_back_\
tick_as_an_illegal_shell_escape_character.patch
(Closes: #806886, #807931)
- CVE-2015-8327 Insufficient script injection prevention.
- Add changes from upstream revision 7419.
- CVE-2015-8560: code execution via improper escaping of ; in foomatic-rip.
* Rename patches.
* To prevent build warnings:
- debian/control: Add autotools-dev and autoconf to Build-Depends.
- debian/rules: Add --with autotools-dev.
Checksums-Sha1:
b1a07c97692066817866eba91b29f4df1b14eadc 2012 foomatic-filters_4.0.17-7.dsc
e26679f8fca9f0938c48a9160b7f2d11505ee91b 51992
foomatic-filters_4.0.17-7.debian.tar.xz
Checksums-Sha256:
c215415598f732207e3a549a8773dd0667c6d53b58cedc484027e94fcc2be897 2012
foomatic-filters_4.0.17-7.dsc
112898771de9b764d59e472515248c39ba4010a99c04bd7772e6cf1646b09f13 51992
foomatic-filters_4.0.17-7.debian.tar.xz
Files:
f5e653345d9f62c7bcfa2f00d2801897 2012 text optional
foomatic-filters_4.0.17-7.dsc
3312bf654030d3e71662ad295379c8c8 51992 text optional
foomatic-filters_4.0.17-7.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCAAGBQJWd42GAAoJEI7tzBuqHzL/B0gP/RqEdDqP9BvelogD6/1hkcm9
Ht03VR3Mslv5PtKcvPNCvntKbZjLwuBZPkiTwv83YhrUU7i5IiMVurtuWGuflrIX
+q0dS6EtRZVMafT2ekoN5EwIdDBX3zPIErFf5YE8sUXCm4brbPVt7IJZVJBixikV
Yae66nfHEUDEwgbXo/CL59xNydNjitWE0xw+upOn+I2RcllCMXqaEDL+RpS7HPoG
l+L3oRyxyNNBi0vrNmfjkRjWSwYWyFMjBCjwZg57HjKWb9qYHdWTdhth+6rUivWP
5x4jGNv4OAFMQgcWDJdE73UFv9bgxvPyy44Fz8eQ0reh3u48JJ9XmM2yo6BP0nPa
HY61j9ZykUfH/s69K3DXexDd/50UOKuNO95oox5tpxX9nryKhegz0mCFfStU7MfO
EzpW7Tj0hsP4IIYSJ6XjPMHNrzC4aemgjanZne7S3IdOFsBD4R1SQMcDiHhJm0AT
tKRKoIZZMSsuE85PDLYwSr6kLtcEDR4GKuboz7g9wwLmw4I1Xt7q4EkjPbzLEsXT
4qy2tuWBE107H9ssB2usva2b8e++JUMav+WKrzfBdILDpwc4vuZezLRBacygMU33
32/RR6ZQzbBifjWNtILEvV6JvoZSrdkbOiXIULrDQar7wzMgcUX5sHGrlqEV3nZ1
WqYK0PfDOoa2fGB+G2UV
=9lUu
-----END PGP SIGNATURE-----
--- End Message ---
