Your message dated Thu, 12 Apr 2018 23:52:03 +0000
with message-id <e1f6m0z-000bzb...@fasolo.debian.org>
and subject line Bug#895564: fixed in r-cran-readxl 1.0.0-2
has caused the Debian Bug report #895564,
regarding CVE-2017-2896 CVE-2017-2897 CVE-2017-2919 CVE-2017-12111 
CVE-2017-12110
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
895564: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=895564
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: r-cran-readxl
Severity: grave
Tags: security

r-cran-readxl bundles libxls which is affected by a number of security 
vulnerabilities:

https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0426
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0404
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0403

Cheers,
        Moritz

--- End Message ---
--- Begin Message ---
Source: r-cran-readxl
Source-Version: 1.0.0-2

We believe that the bug you reported is fixed in the latest version of
r-cran-readxl, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 895...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Dirk Eddelbuettel <e...@debian.org> (supplier of updated r-cran-readxl package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Thu, 12 Apr 2018 18:16:20 -0500
Source: r-cran-readxl
Binary: r-cran-readxl
Architecture: source amd64
Version: 1.0.0-2
Distribution: unstable
Urgency: medium
Maintainer: Dirk Eddelbuettel <e...@debian.org>
Changed-By: Dirk Eddelbuettel <e...@debian.org>
Description:
 r-cran-readxl - GNU R package to read Excel files
Closes: 895564
Changes:
 r-cran-readxl (1.0.0-2) unstable; urgency=medium
 .
   * src/endian.c: Updated from libxls upstream (Closes: #895564)
   * src/libxls/endian.h: Idem
   * src/libxls/ole.h: Idem
   * src/libxls/xls.h: Idem
   * src/libxls/xlsstruct.h: Idem
   * src/libxls/xlstool.h: Idem
   * src/libxls/xlstypes.h: Idem
   * src/ole.c: Idem
   * src/xls.c: Idem
   * src/xlstool.c: Idem
 .
   * debian/control: Set Build-Depends: to current R version
   * debian/control: Set Standards-Version: to current version
   * debian/control: Add Vcs-Browser: and Vcs-Git:
   * debian/compat: Increase level to 9
   * debian/control: Switch from cdbs to dh-r
   * debian/rules: Idem
Checksums-Sha1:
 98c6f708029a56989a4f1734beb7627a5809f694 1918 r-cran-readxl_1.0.0-2.dsc
 40cbd8d4d6a4148be5eb2046dddb208a39790aeb 22132 
r-cran-readxl_1.0.0-2.debian.tar.xz
 fe3efa98de3ed40f0bc51e06625cb09afa6d7109 1291132 
r-cran-readxl-dbgsym_1.0.0-2_amd64.deb
 2f854f0f1cee7c17e4fc06054057a58f40aa66c8 8505 
r-cran-readxl_1.0.0-2_amd64.buildinfo
 3a527b9ad41b5aa5eaf5dcba9a56d09b30cea29b 694924 r-cran-readxl_1.0.0-2_amd64.deb
Checksums-Sha256:
 d93ff910e1a2232266b266601904e256c62fd4182f199ae7e0a7db2f59adbd2c 1918 
r-cran-readxl_1.0.0-2.dsc
 a9d09c1e429bd89468ca7276a5f5c444d5baf5d4817ce4a95559fd40d79824af 22132 
r-cran-readxl_1.0.0-2.debian.tar.xz
 cd083c6bb9627609c80ca0091c30832cddf68e4137cb689bfad4e1bb5ad98eb4 1291132 
r-cran-readxl-dbgsym_1.0.0-2_amd64.deb
 cfeedb526daebb485f3dda9c14a5874634e31b45b09c95442ed9341c2f918ca0 8505 
r-cran-readxl_1.0.0-2_amd64.buildinfo
 bfb2b78379effadd76b3527679210e8a2f08657928cbf69a20fa3a38e3678adb 694924 
r-cran-readxl_1.0.0-2_amd64.deb
Files:
 e06f88aaa6baae80268eecb72f4fb688 1918 gnu-r optional r-cran-readxl_1.0.0-2.dsc
 0a9a9c5c5ba9289c9057315ab2bd0e41 22132 gnu-r optional 
r-cran-readxl_1.0.0-2.debian.tar.xz
 f309d8debf7674367f5c191754be5e64 1291132 debug optional 
r-cran-readxl-dbgsym_1.0.0-2_amd64.deb
 f81bbc2c954a4e7cc7d9abbd84c631ff 8505 gnu-r optional 
r-cran-readxl_1.0.0-2_amd64.buildinfo
 7503c6f2801dfbb620e8050505bb8a06 694924 gnu-r optional 
r-cran-readxl_1.0.0-2_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIVAwUBWs/rK6FIn+KrmaIaAQiqvg/8DKmEdh2SWIoOnwfIKQfa+kJ90Vuyc4Lv
DKyKi3Ww4LrIOtNZ5LOAFWnCFK/lpz3mViqmdVEjpg1a9TYN/VI8uVIq0xvRjaE8
G3cJMRsq9HLk42ZVNXO9mf9PxSnLHnju54GRCLe56N4RT897my+bv/fh++QljB24
U8XuqWazmuWpH69+xDr6WugQ2BsazYIiR3qlDId48v4ZaNyDfedgiXliTjwGzFUD
KnmPDI4f83gEcPKYSbBs1DCZLsagoJn1NxvGwo1WQfZqrxt2AB6FyiRJaGvJ8Kde
YAcned5kdVw3TluAqtKYfVCWrblGc8zjuGFlYVIMXrB0VVyT30O9woBwL7JNps7T
9q21Mi25cCb53dig1WQGNQXYjsO5JDcniBdhY6QIXlwEwKL64yAyqcKMw3SoPBt3
83RRrQlp6/bkTyhlIRn7ZpME3myEP10oedI/ikJ9lVs6hRRz/PJ0b4yDIFsY9GRh
auRPBlToBUAAmsCB5/Q96lundSekVdcYK7n6dIJ9lPMDwcBa5WM+vzKpI2JqonOc
Dj63qrHEMhcz1PRQEUYOnXUJAad4kkKcP/GrYoDT4rhBsWW7RAg0JeHsh3Y4JV4T
Xb+Ogqesq5QZVxYuYoBdgC3tpTEJjGBn70MgbpHhG+J/sX5I+ZFidv4LFVdbiesu
DHi+H/XPaNM=
=EGZ7
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to