Your message dated Sat, 28 Jul 2018 13:35:39 +0000
with message-id <[email protected]>
and subject line Bug#902176: fixed in libjpeg9 1:9c-1
has caused the Debian Bug report #902176,
regarding libjpeg9: CVE-2018-11212 CVE-2018-11213 CVE-2018-11214
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
902176: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902176
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: libjpeg9
Severity: normal
Tags: security
There have been three reports of minor bugs in libjpeg, which
ended up getting a CVE ID assigned:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11214
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11213
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11212
They all seem fairly harmless and I'm not sure if they've
been reported upstream.
Cheers,
Moritz
--- End Message ---
--- Begin Message ---
Source: libjpeg9
Source-Version: 1:9c-1
We believe that the bug you reported is fixed in the latest version of
libjpeg9, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Bill Allombert <[email protected]> (supplier of updated libjpeg9 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 28 Jul 2018 14:35:23 +0200
Source: libjpeg9
Binary: libjpeg9 libjpeg9-dev libjpeg-progs
Architecture: source amd64
Version: 1:9c-1
Distribution: unstable
Urgency: medium
Maintainer: Bill Allombert <[email protected]>
Changed-By: Bill Allombert <[email protected]>
Description:
libjpeg-progs - Programs for manipulating JPEG files
libjpeg9 - Independent JPEG Group's JPEG runtime library
libjpeg9-dev - Development files for the IJG JPEG library
Closes: 902176
Changes:
libjpeg9 (1:9c-1) unstable; urgency=medium
.
* New upstream release
- patches CVE-2016-3616, CVE-2016-3616-2: removed
- CVE fixed: CVE-2016-3616, CVE-2018-11212, CVE-2018-11213, CVE-2018-11214
Closes: #902176
* debian/control:
- Bump standard version to 4.1.5.
- replace libjpeg-dbg by libjpeg9-dbgsym, libjpeg-progs-dbgsym
* debian/control, debian/rules, debian/compat:
+ switch to debhelper v9
Checksums-Sha1:
2726acbcde60ff621818f08d20bab635f2519c7d 1816 libjpeg9_9c-1.dsc
2ce111c8c0ac828a44b13ad28c265e954a342d07 1028134 libjpeg9_9c.orig.tar.gz
82d584579767eef3ed4c4b9b5615b3a2dfcb9a0f 12828 libjpeg9_9c-1.debian.tar.xz
43c20c320956e439a2e956347edbf9d251c546cc 126356
libjpeg-progs-dbgsym_9c-1_amd64.deb
aa1fadd2c70d4ddca429b05171b928b09e07ca94 84760 libjpeg-progs_9c-1_amd64.deb
409cfcab34ffbdba36fd774532431f657673b74d 306572 libjpeg9-dbgsym_9c-1_amd64.deb
0ea5700aa74812cadcc9c4eeccb20edf1865148b 220012 libjpeg9-dev_9c-1_amd64.deb
1d5319844399959d4b8a8d4fd588a37cc06e55e3 6640 libjpeg9_9c-1_amd64.buildinfo
9ec36af9ee9dc295367f7223238cc9574746424a 122412 libjpeg9_9c-1_amd64.deb
Checksums-Sha256:
b270957e06ab36abc7fdd41764909a0c0020987d09a8aa2f5b75e36d433d0bd8 1816
libjpeg9_9c-1.dsc
650250979303a649e21f87b5ccd02672af1ea6954b911342ea491f351ceb7122 1028134
libjpeg9_9c.orig.tar.gz
d5618732e61facc3e5dcb6e26b1d383dd9108913a94b0f54994dd42f2859fdbb 12828
libjpeg9_9c-1.debian.tar.xz
ce3944e953d18122f90d90201ac92d6c6bc6cd18f78efa32e65a3754923131f9 126356
libjpeg-progs-dbgsym_9c-1_amd64.deb
4a5d5ee63c0cd96d1879924349c22aa4d2ee6823a8bf6c0c34385e89a806e171 84760
libjpeg-progs_9c-1_amd64.deb
eae3dc5d0ff7ed613e0d290dafbebd948d55c463f99e7541c4328208b6f42bc3 306572
libjpeg9-dbgsym_9c-1_amd64.deb
67194916aacf58bebb35cbbbbe15943f15f0c33c998e0e08ece87157e0da7307 220012
libjpeg9-dev_9c-1_amd64.deb
b7a0aa6827553215fe4bcfbc4db46fe5044000e85c7085890754a6d3069581d4 6640
libjpeg9_9c-1_amd64.buildinfo
ad5ebf2b1f0c6a5fd14aa0d356662b93cff06eb21771ed6ccf8d67d12b25cc35 122412
libjpeg9_9c-1_amd64.deb
Files:
dcdd812f6d8bd448775a8d306e8b188d 1816 graphics optional libjpeg9_9c-1.dsc
93c62597eeef81a84d988bccbda1e990 1028134 graphics optional
libjpeg9_9c.orig.tar.gz
94867655717e4d5f624dab87fefe6503 12828 graphics optional
libjpeg9_9c-1.debian.tar.xz
b9719dbd92cc282fb49ce230eb1c8e9e 126356 debug optional
libjpeg-progs-dbgsym_9c-1_amd64.deb
505e7eb41ac559b6703728ac0c48fe09 84760 graphics optional
libjpeg-progs_9c-1_amd64.deb
e809d4002bc69e68f14ecfc5498eaf96 306572 debug optional
libjpeg9-dbgsym_9c-1_amd64.deb
19ae65a0929d873fb32a06dc6c1432a5 220012 libdevel optional
libjpeg9-dev_9c-1_amd64.deb
c35f63ca83ab7a625f05c1850cf5720d 6640 graphics optional
libjpeg9_9c-1_amd64.buildinfo
f3fbae8f2eee813ce06aaa397cf74b07 122412 libs optional libjpeg9_9c-1_amd64.deb
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEQgKOpASi6dgKxFMUjw58K0Ui44cFAltcZjIACgkQjw58K0Ui
44e8VQ//YzDh3zSo/JdubXIu3cR5Jw9uoPEQaA79Zkj5TZ51zmbhmsg9UOpZUq7V
kb8AmLCdoZ1rGK/5t5kWgnmxYHeaE+R0Q/W9J6kT3dJ9zoiK7eG5GN6sopreeN4L
vcRBGQkuVyot4JcSYenQ0Lsc0kwgsM5HhLg5vnO3dWsii+pMdTEVQPI3PDOafkUC
YA1+IZ1fPVjR403NAhw6KaypnyF2z8kdpIPjWmdrNuH+mG7YgT/r/TLA6KwODjxm
QW7MksSlmDj6B1NbGA2AoUQDtJJCLmD4/DE4dsQbFRjFJSXUu9YRSOKUpIhiax0k
WjwdfN7lTvRYPCw0LYq4Q4n5yjq0HKp1FAQs7b8P5QnYsLE94Bsk/2bW7w9SwiI3
buinCYjOe0gVKw6o7ynvuoLYk/kk6+DRLYYtiXAoSzfv3sBR63rS2B2nz3CbE/cY
swCAm0WVQ3Ys/ot9aby9BYkP4/s/RyFR0skX1dy+hr8grpvzzCtW5W8xzo4C5qaR
AKz+tJIOc5rtJ7NW/Vr/Zdz8S8SNMLpg2PNs1Psv2NDtbIS5CXtsJ+5UsoAk7fj0
hG9a8iongFePx6+/k4FbdwVQi2xNVPqEz8NDGdS4l2E85glW0276jLlujaFL/cXI
OD5sj2pIAs61Df7oILghA7jij3WHx6HsgW2HlZKjMa4GOtMp7dU=
=NAO0
-----END PGP SIGNATURE-----
--- End Message ---
