Bug#960620: marked as done (openconnect: buffer overflow in certificate handling (CVE-2020-12823))

Fri, 15 May 2020 10:52:25 -0700 

Your message dated Fri, 15 May 2020 17:49:36 +0000
with message-id <[email protected]>
and subject line Bug#960620: fixed in openconnect 8.10-1
has caused the Debian Bug report #960620,
regarding openconnect: buffer overflow in certificate handling (CVE-2020-12823)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
960620: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=960620
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Package: openconnect
Version: 6.00-1
Severity: important
Tags: security

Openconnect is affected by a buffer overflow in certificate handling,
that goes back at least to 6.00-1 (old-old-stable).

Fixed upstream by:

https://gitlab.com/openconnect/openconnect/-/merge_requests/108

-- 
Kind regards,
Luca Boccassi

Attachment: signature.asc
Description: This is a digitally signed message part


--- End Message ---
--- Begin Message --- 
Source: openconnect
Source-Version: 8.10-1
Done: Luca Boccassi <[email protected]>

We believe that the bug you reported is fixed in the latest version of
openconnect, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Luca Boccassi <[email protected]> (supplier of updated openconnect package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 14 May 2020 18:51:18 +0100
Source: openconnect
Architecture: source
Version: 8.10-1
Distribution: unstable
Urgency: medium
Maintainer: Mike Miller <[email protected]>
Changed-By: Luca Boccassi <[email protected]>
Closes: 960620
Changes:
 openconnect (8.10-1) unstable; urgency=medium
 .
   * Update upstream source from tag 'upstream/8.10'
     - Fixes buffer overflow in certificate handling (CVE-2020-12823)
       (Closes: #960620)
   * Drop all patches, merged upstream
Checksums-Sha1:
 1199a2bc3ebda8caa9ef99efae3b32a19466b7bf 2574 openconnect_8.10-1.dsc
 2829320cfd7801baf4ceccc8d4f650a10994cd51 2084534 openconnect_8.10.orig.tar.gz
 0e31ea7f37f9e3938092aa9c41f9ea4d276bc9d3 833 openconnect_8.10.orig.tar.gz.asc
 8040e97fade1f31a381661a250384127a97ee6ef 14908 openconnect_8.10-1.debian.tar.xz
 9c8717f0d1b0bb059748f18f54badd8e453dc67e 7578 
openconnect_8.10-1_source.buildinfo
Checksums-Sha256:
 ebd7c495a568faa66f0ad610308512d13d28f4a1ae113ecd20e8f730c4988099 2574 
openconnect_8.10-1.dsc
 30e64c6eca4be47bbf1d61f53dc003c6621213738d4ea7a35e5cf1ac2de9bab1 2084534 
openconnect_8.10.orig.tar.gz
 def024366970d9c2b69d0b4ce049bae809a562903fedb60f7505ced0322f4343 833 
openconnect_8.10.orig.tar.gz.asc
 75961bdebc2c0bc8e35e8760f833cac5e6d282619159b6c1d51340cf220c553c 14908 
openconnect_8.10-1.debian.tar.xz
 eabd5c1d985c4f8102abb09c4af3fdba83d1fff67b739477df5035f50bee5784 7578 
openconnect_8.10-1_source.buildinfo
Files:
 8aece5f0df3e3c254105851578367d33 2574 net optional openconnect_8.10-1.dsc
 d772c3c68afae12252a5377a99352b97 2084534 net optional 
openconnect_8.10.orig.tar.gz
 36976d3263b4c9d8417528b2ac4e9f35 833 net optional 
openconnect_8.10.orig.tar.gz.asc
 d12e922bdce373f4dd761907107ab5b5 14908 net optional 
openconnect_8.10-1.debian.tar.xz
 350570525b476b85517f6168a6f20580 7578 net optional 
openconnect_8.10-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQFFBAEBCgAvFiEE6g0RLAGYhL9yp9G8SylmgFB4UWIFAl6+05MRHGJsdWNhQGRl
Ymlhbi5vcmcACgkQSylmgFB4UWI4fQf+Mz7okA12QQeIyYeXeGGtUD7cejdXROnv
7jinRek9uBso8VwfyoqmQbGCFNbOa2++hyeyhhr3cqErxIbUIWfn6dUi+nmqzPG3
UjisutQLz9CIjDLrQ5Ypoi5WQpxHNpcJRlap3WSYCHx8jNibbqz627Mlt1Gh7WpB
ZmW+1ZsZJbT8o0dAo1UrGPSXW1dQQH8aa3cXrEGlnxj/GG+J2hFxfAuFl0xPB3wM
e4SeleyL/8qSFpoTUDfeUWJ+UHuPUj/+7G0DJZ/3GEsYkpmdIHJb50JD29tNgB6H
xuzKQ2LBMqEI+jrP7w4FNWZKnDt/85TIgf36JYJP0wWZVTPf6C3Iow==
=u0YC
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to