Bug#847275: marked as done (zlib: CVE-2016-9843)

Debian Bug Tracking System Wed, 07 Dec 2016 02:24:39 -0800

Your message dated Wed, 07 Dec 2016 10:21:28 +0000
with message-id <[email protected]>
and subject line Bug#847275: fixed in zlib 1:1.2.8.dfsg-3
has caused the Debian Bug report #847275,
regarding zlib: CVE-2016-9843
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
847275: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847275
Debian Bug Tracking System
Contact [email protected] with problems

--- Begin Message ---

Source: zlib
Version: 1:1.2.8.dfsg-2
Severity: important
Tags: security upstream patch

Hi,

the following vulnerability was published for zlib.

CVE-2016-9843[0]:
No description was found (try on a search engine)

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2016-9843
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9843
[1] 
https://github.com/madler/zlib/commit/d1d577490c15a0c6862473d7576352a9f18ef811

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

--- End Message ---

--- Begin Message ---

Source: zlib
Source-Version: 1:1.2.8.dfsg-3

We believe that the bug you reported is fixed in the latest version of
zlib, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Mark Brown <[email protected]> (supplier of updated zlib package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 07 Dec 2016 09:15:05 +0000
Source: zlib
Binary: zlib1g zlib1g-dev zlib1g-dbg zlib1g-udeb lib64z1 lib64z1-dev lib32z1 
lib32z1-dev libn32z1 libn32z1-dev
Architecture: source amd64
Version: 1:1.2.8.dfsg-3
Distribution: unstable
Urgency: high
Maintainer: Mark Brown <[email protected]>
Changed-By: Mark Brown <[email protected]>
Description:
 lib32z1    - compression library - 32 bit runtime
 lib32z1-dev - compression library - 32 bit development
 lib64z1    - compression library - 64 bit runtime
 lib64z1-dev - compression library - 64 bit development
 libn32z1   - compression library - n32 runtime
 libn32z1-dev - compression library - n32 development
 zlib1g     - compression library - runtime
 zlib1g-dbg - compression library - development
 zlib1g-dev - compression library - development
 zlib1g-udeb - compression library - runtime for Debian installer (udeb)
Closes: 847270 847274 847275
Changes:
 zlib (1:1.2.8.dfsg-3) unstable; urgency=high
 .
   * Apply upstream fix for CVE-2016-9841 (closes: #847270).
   * Apply upstream fix for CVE-2016-9842 (closes: #847274).
   * Apply upstream fix for CVE-2016-9843 (closes: #847275).
   * Standards version 3.9.8 (no changes).
Checksums-Sha1:
 5155d5c4b2880d1136b1475cf3e0f61a8cea92cf 2153 zlib_1.2.8.dfsg-3.dsc
 415adbe30d92dacc119639ab9c5532a45d5c82d2 16596 zlib_1.2.8.dfsg-3.debian.tar.xz
 3c9c7546ac4ef65ed46dc705b6995ca875129884 90658 
lib32z1-dev_1.2.8.dfsg-3_amd64.deb
 8dfd28037440a0f577ace36941b86af96259168a 88148 lib32z1_1.2.8.dfsg-3_amd64.deb
 7a56e2cb3cd5304bd9b4e78924fb0fce8126801d 184678 
zlib1g-dbg_1.2.8.dfsg-3_amd64.deb
 03582e66c238dda58646aeb89edb421e56b706aa 204894 
zlib1g-dev_1.2.8.dfsg-3_amd64.deb
 ca78f5416a2dfc2caa561c808ecad4ca2add95eb 48456 
zlib1g-udeb_1.2.8.dfsg-3_amd64.udeb
 01fd9f6915b2b3400a10af6fa9919c95fc57c23f 87408 zlib1g_1.2.8.dfsg-3_amd64.deb
 12d321e1c0da7b3a21485869ebe69662bb499fa5 6655 zlib_1.2.8.dfsg-3_amd64.buildinfo
Checksums-Sha256:
 c71341b1a4f17cdb093442683c9bd85d9e4f7a59fe7a4d0e46b7d5203ff61c49 2153 
zlib_1.2.8.dfsg-3.dsc
 190e2d2384c98cda2fb4213b9ca8c693e130ddb9ff7ef79d71448ef954d73d78 16596 
zlib_1.2.8.dfsg-3.debian.tar.xz
 2c29a0f0b40b528d0764627d48f9f2808b6a630c9a76c73276f2b9a710221ed4 90658 
lib32z1-dev_1.2.8.dfsg-3_amd64.deb
 4c38f3b65c9f6299aad342b7575bdf293f4d8d43182518ef689a648d39317527 88148 
lib32z1_1.2.8.dfsg-3_amd64.deb
 f81354af570214e0c3c294317bbd6f51371216006663cc1eaaecf55ae96f0ca0 184678 
zlib1g-dbg_1.2.8.dfsg-3_amd64.deb
 1cf5cbba2ad0704698d7492ab70aebce8f7ad448b09e52f53cc87887bbe22828 204894 
zlib1g-dev_1.2.8.dfsg-3_amd64.deb
 e7527e20330f6a57c9ffe28f42ee2d8be07d07f60e068d6f76ac852d072e0689 48456 
zlib1g-udeb_1.2.8.dfsg-3_amd64.udeb
 d64931c8032ab28dacfc94f7f9f50d487d9cb41906a774ea3f615d947db1e3c0 87408 
zlib1g_1.2.8.dfsg-3_amd64.deb
 609c500a7f1f11a85d8a766d32f851c5c1e5df969571487902ebe464239bcf08 6655 
zlib_1.2.8.dfsg-3_amd64.buildinfo
Files:
 cf5274954e37460dd68bae6ecb0537a9 2153 libs optional zlib_1.2.8.dfsg-3.dsc
 1383afa4afad1b3988e5c898708cfb6d 16596 libs optional 
zlib_1.2.8.dfsg-3.debian.tar.xz
 fa03aebd86ffc749ab1dd30272203c3a 90658 libdevel optional 
lib32z1-dev_1.2.8.dfsg-3_amd64.deb
 b4575acc0b32b0a4b2eb0968c6bdb768 88148 libs optional 
lib32z1_1.2.8.dfsg-3_amd64.deb
 39359aba4954e824899a45a31bedbe73 184678 debug extra 
zlib1g-dbg_1.2.8.dfsg-3_amd64.deb
 069f83e1fec767793e535949cd76d589 204894 libdevel optional 
zlib1g-dev_1.2.8.dfsg-3_amd64.deb
 a9fa89f5e8d07ef167fdd1fe0db3f887 48456 debian-installer optional 
zlib1g-udeb_1.2.8.dfsg-3_amd64.udeb
 a840cc91160b8930b5baaeb92c0337cd 87408 libs required 
zlib1g_1.2.8.dfsg-3_amd64.deb
 82117ac9364f7682b247fee649700e66 6655 libs optional 
zlib_1.2.8.dfsg-3_amd64.buildinfo
Package-Type: udeb

-----BEGIN PGP SIGNATURE-----

iQFHBAEBCAAxFiEEreZoqmdXGLWf4p/qJNaLcl1Uh9AFAlhH3GATHGJyb29uaWVA
ZGViaWFuLm9yZwAKCRAk1otyXVSH0O5hB/451L+5j+hHDl0wr67suhea57GOjEZv
HeWU1bUjmV9sQh+JAhjtwSjFcEgNY1HmoxKmPDWTwlRaoIHNh4861IU7uWA7ILFO
gJXGjj017dYULjCShGE+xpPgDkJoSlT6S0XeMVwup7YXLJWB0NgC8NVgWT+uY2DB
DDH2KVZ1+SxfxbH73+hID5FJr6pltHTMSQvBF16oSXvoRPtcJdGx9L4x7fbqe7TP
oGvfO/bzyWU30ax40wONyuaVvgeNI6+1hqt9+PUdZMLIphSyoUvFlTsUtvmlG1YY
/HAmE/B4IL+EdITnvrMYaGiwTtozBApkemM3HfrL4E8VXKXypDOe89Y4
=DE+b
-----END PGP SIGNATURE-----

--- End Message ---

Bug#847275: marked as done (zlib: CVE-2016-9843)

Reply via email to