Your message dated Mon, 01 Aug 2016 22:40:11 +0000
with message-id <[email protected]>
and subject line Bug#819969: fixed in libjpeg9 1:9b-2
has caused the Debian Bug report #819969,
regarding libjpeg9: CVE-2016-3616: null pointer dereference in cjpeg
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
819969: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819969
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: libjpeg9
Version: 1:9b-1
Severity: important
Tags: security upstream
Hi,
the following vulnerability was published for libjpeg9. The issue
is in the cjpeg utility.
CVE-2016-3616[0]:
null pointer dereference in cjpeg
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2016-3616
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1319661
[2] https://bugzilla.redhat.com/show_bug.cgi?id=1318509
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: libjpeg9
Source-Version: 1:9b-2
We believe that the bug you reported is fixed in the latest version of
libjpeg9, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Bill Allombert <[email protected]> (supplier of updated libjpeg9 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sat, 30 Jul 2016 13:27:31 +0200
Source: libjpeg9
Binary: libjpeg9 libjpeg9-dev libjpeg9-dbg libjpeg-progs
Architecture: source amd64
Version: 1:9b-2
Distribution: unstable
Urgency: low
Maintainer: Bill Allombert <[email protected]>
Changed-By: Bill Allombert <[email protected]>
Description:
libjpeg-progs - Programs for manipulating JPEG files
libjpeg9 - Independent JPEG Group's JPEG runtime library
libjpeg9-dbg - Development files for the IJG JPEG library
libjpeg9-dev - Development files for the IJG JPEG library
Closes: 819969
Changes:
libjpeg9 (1:9b-2) unstable; urgency=low
.
* New patches:
CVE-2016-3616, CVE-2016-3616-2:
fix null pointer dereference in cjpeg [CVE-2016-3616]. Closes: #819969
* debian/control:
- Bump standard version to 3.9.7.
* debian/rules: use dh_makeshlibs
Checksums-Sha1:
1515d2da00be36711de180b05de831646430514f 1853 libjpeg9_9b-2.dsc
bf1a09b7e64beac15fde627ce533d7c2ed049a7c 14412 libjpeg9_9b-2.debian.tar.xz
a61cda58f476d210b3a82c193c40de4e0dd17bc2 83332 libjpeg-progs_9b-2_amd64.deb
9fc715a58be693621adbe2a462d89e578ba82496 267474 libjpeg9-dbg_9b-2_amd64.deb
a69806c715ab62f027b2fb5c7c070e0e45789a2d 219760 libjpeg9-dev_9b-2_amd64.deb
ad0edbd1b671de09bbc3bd304dee735368e416df 122714 libjpeg9_9b-2_amd64.deb
Checksums-Sha256:
acb49a057a1e7667a8268bcd4d211f6a303e4d59aaac1d03c9effc36f3e362fe 1853
libjpeg9_9b-2.dsc
d2a201ded0cd1996905a9bd77d9d4dbb4ad5256a0bf157af2487d31115f4fbfe 14412
libjpeg9_9b-2.debian.tar.xz
02488771c7c35c9781114bf334466498d0221c8523f97a18ae54f1a270e12d8e 83332
libjpeg-progs_9b-2_amd64.deb
c2cc10c97a15fbafb4f8a622cb96af8b35928ef2c1da97fb8ef5a3e1b11322be 267474
libjpeg9-dbg_9b-2_amd64.deb
10839b3dade9efba1e30879f24b6d3fdb88065b2514ecc49070d9950e2bf042a 219760
libjpeg9-dev_9b-2_amd64.deb
ca478e1b5062bd42dcae0a14b329ce2ce8cab2c4e619e077551db75cafe23089 122714
libjpeg9_9b-2_amd64.deb
Files:
edc610d12518cab8320cdf0b5975414c 1853 graphics optional libjpeg9_9b-2.dsc
179c79e5af3fe8f6853719303c1f0135 14412 graphics optional
libjpeg9_9b-2.debian.tar.xz
05526bc763f8aa10c99e9b4061e5cfa5 83332 graphics optional
libjpeg-progs_9b-2_amd64.deb
a8b38abe6e26102cb63ccaf57daa50a4 267474 debug extra libjpeg9-dbg_9b-2_amd64.deb
e3191d0b66b86137674b93877c5d687a 219760 libdevel optional
libjpeg9-dev_9b-2_amd64.deb
c2d91ffa7eaa0cc416b38fa23822c5e4 122714 libs optional libjpeg9_9b-2_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBAgAGBQJXn8coAAoJEI8OfCtFIuOH6KgP/jRHMpId5cgQe3wl5q95uK2J
OB9Kw0qg/ukOsC5U1QFWSjEtkMNonWvp7bqGqBKiIC2Zo44XZ8Rdw5KyEENWPb1q
T48NRGPRBPbjQJrDqllr8hgnL1R3Wfsn1QtTFqMweKDlxzFIM8tyrV6V/r/bk3Mq
MhYMWOsRjwM6wYOyvkvdNDRiOCvb9nWHawBrhtdQgULSkOm3MW4n94xWvj5feUYt
pGMI5IB250Mh5bWgtJxCEsQpMmk24bV0bWgL9fBBCSWDGOiaycopHzKzn+Bb5vzV
4dAg2Fy4P01uKqKIdXplKxpvRXYixzjmfdHFj2eT9uIOdZA4dSwoBB6GvyTH4ptF
sp6o0YuYWgjzttFT+V98OjXthdhsr5CiBSQLWfmgRY/x+2u9WaEZwTQBhfxMqFGj
Pv2zPFWkX48Q5qEo2OKl/c5dKV32yqUrNmdJnXYNXUkp35BHnexlRnSpvDMJK7IY
rASC2sRwiNXUIAgDOgSGRtj0Lg7lFYHLTIXleT+Y6vWoGOOOLKTyGoqQKtKPQRTD
6btPAIXnpNuU6I3ysGsti+aZmzgiRDKJIe9p4jJ18BJ5klifTFaPd4BVdfOVMWM8
tfzqBgJXz918mC6+F+hfBTJNR77H6TVLMHauA7ccJVDjp4xGDCy8T6ruo6TDrcP8
1IjprVByi2fe9KSZ8Jkg
=JkZZ
-----END PGP SIGNATURE-----
--- End Message ---