Your message dated Tue, 18 Oct 2016 02:26:27 +0000 with message-id <cdc98995-3f72-4036-9fc9-999bc1472...@hpe.com> and subject line Bug#838300: fixed in golang-github-appc-docker2aci 0.12.3+dfsg-2 has caused the Debian Bug report #840711, regarding golang-github-appc-docker2aci: CVE-2016-8579 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 840711: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840711 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: golang-github-appc-docker2aci Version: 0.12.0+dfsg-1 Severity: grave Tags: security upstream patch Forwarded: https://github.com/appc/docker2aci/issues/203 Hi, the following vulnerability was published for golang-github-appc-docker2aci. CVE-2016-8579[0]: infinite loop in deps walking If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2016-8579 [1] https://github.com/appc/docker2aci/issues/203 [2] https://github.com/lucab/docker2aci/commit/54331ec7020e102935c31096f336d31f6400064f Regards, Salvatore
--- End Message ---
--- Begin Message ---Source: golang-github-appc-docker2aci Source-Version: 0.12.3+dfsg-2 Marking as closed by hand, because I screwed up the changelog. )-: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Tue, 18 Oct 2016 09:09:26 +1100 Source: golang-github-appc-docker2aci Binary: golang-github-appc-docker2aci-dev docker2aci Architecture: source amd64 all Version: 0.12.3+dfsg-2 Distribution: unstable Urgency: high Maintainer: Debian Go Packaging Team <pkg-go-maintain...@lists.alioth.debian.org> Changed-By: Tim Potter <t...@hpe.com> Description: docker2aci - CLI tool to convert Docker images to ACIs golang-github-appc-docker2aci-dev - library to convert Docker images to ACIs Changes: golang-github-appc-docker2aci (0.12.3+dfsg-2) unstable; urgency=high . * Fix infinite loop in deps walking, CVE-2016-8579. (Closes #840711). Checksums-Sha1: fe6ea2fbb74122b8d811762ef6b298c56c73f8a4 2523 golang-github-appc-docker2aci_0.12.3+dfsg-2.dsc 3e92f8fc24e69613168cf98fa2a31b2e6f02db15 35656 golang-github-appc-docker2aci_0.12.3+dfsg.orig.tar.xz f75010ac56a5f05dad140a71bf776ff413965746 3240 golang-github-appc-docker2aci_0.12.3+dfsg-2.debian.tar.xz d2466ea5eb2615a80c9bb1e4e0866be8c63e18f5 1398420 docker2aci_0.12.3+dfsg-2_amd64.deb c8b5195a5a5957cfce72e0337fc9019c5a112b01 28712 golang-github-appc-docker2aci-dev_0.12.3+dfsg-2_all.deb Checksums-Sha256: b3c4b9ee86a8f937301953844e881e2830cd51d30e3850e02f2155b694c3146b 2523 golang-github-appc-docker2aci_0.12.3+dfsg-2.dsc 49d9869d25a9bab4187ca070e77a23a8d20d39b92cdb24b8b4b45df0e1549aa5 35656 golang-github-appc-docker2aci_0.12.3+dfsg.orig.tar.xz 8168069f7267b546513db34af625dd5f17c743d704c92233057c7842132445fa 3240 golang-github-appc-docker2aci_0.12.3+dfsg-2.debian.tar.xz 9513b2116f16f277a1a66fb45c54ef7f0f3cca793070c30e733cacb348ee0e8c 1398420 docker2aci_0.12.3+dfsg-2_amd64.deb f6a82e6e4e24b242e534aabb2bc3dd44ce1317fae02fc963830609d0478906f8 28712 golang-github-appc-docker2aci-dev_0.12.3+dfsg-2_all.deb Files: c0ce393b80ea8a8c4b532afdf32a8335 2523 devel extra golang-github-appc-docker2aci_0.12.3+dfsg-2.dsc e9b4bf8b201f78017e70c52a9e693b79 35656 devel extra golang-github-appc-docker2aci_0.12.3+dfsg.orig.tar.xz 507c63c047d98ed8af76cbeca74b71c3 3240 devel extra golang-github-appc-docker2aci_0.12.3+dfsg-2.debian.tar.xz 5b2ee5d96f74e36ba77ccffab2f59fc9 1398420 devel extra docker2aci_0.12.3+dfsg-2_amd64.deb f4973b710d4f5d3cf86739d41db6ab63 28712 devel extra golang-github-appc-docker2aci-dev_0.12.3+dfsg-2_all.deb -----BEGIN PGP SIGNATURE----- iQIcBAEBCAAGBQJYBU/WAAoJELJMpj9uu+hNOA4QAMS++qIX1f1NgUdcZulFLs/i K/WiluRhQcVGMMqA9+NRHa21MC67q97+Aovy7DsJbjCo/40jWwfLISmedzNW5rOc 10ox9KAYkt3/h/SlZNjHsPw7wHPmyWiy4NQEjXD/+gYZg15zQG2gcG3AeVUnZSyK vSpJQktOAu4Ukj2/KwrG87jZ6SQN8erusP+zxN1oGfDGIGG1HPS8eII5B882jVkT cdU/qOOFFtTR6mMFuPUcHsvPQcQFUD34bWqLFHBRvu0TrUaYuYH0mptBkM6udYGg HCHfaxumwPSFv5fQkQ95b85H3P1SNSMmPIDPYQLQ70tuAhkVXvx9atfjgpenzBmF Ge7yRCHbRSNsdXqhydzISugs5Xj5SO8sBF/y7E7Uy04u+SWliLt2M0fyrYMk05rP oAdD/ctmblfk63jb9LXPRCslVEKZQeZWUCaJKl5dOUe9VmSGgmbvnEufMa3djHbG O2hzZQnhhv2B08AIPCeLS1BNx+u+LcnwqiWewOUxsnQC/1LT2hjxyP26tkqlb+Y/ re7HrhNi9BP+jcG8g2RmBhur4wG+F5KJ5mNEwxTaVA2N/ygurYoWyXMeeYsfBrZ1 IY4KSDQ+ZlY9YD2XWqH0Edb0P+XFTMIHiDkofyb+Y2VfrbO1sP9vboxukNQTmEBn 0GZ+8uiwjccEJXwzVQgV =EpjT -----END PGP SIGNATURE-----signature.asc
Description: Message signed with OpenPGP using GPGMail
--- End Message ---