Your message dated Sun, 31 May 2020 19:33:35 +0000
with message-id <[email protected]>
and subject line Bug#933884: fixed in gnucobol 3.0~rc1-2
has caused the Debian Bug report #933884,
regarding CVE-2019-14541 CVE-2019-14528 CVE-2019-14486 CVE-2019-14468
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
933884: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933884
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: gnucobol
Severity: important
Tags: security

There have been a few CVE assignments for some fuzzing done on GNU Cobol:

CVE-2019-14541:
https://sourceforge.net/p/open-cobol/bugs/584/

CVE-2019-14528:
https://sourceforge.net/p/open-cobol/bugs/583/

CVE-2019-14486:
https://sourceforge.net/p/open-cobol/bugs/582/

CVE-2019-14468:
https://sourceforge.net/p/open-cobol/bugs/581/

Cheers,
        Moritz
 

--- End Message ---
--- Begin Message ---
Source: gnucobol
Source-Version: 3.0~rc1-2
Done: Al Stone <[email protected]>

We believe that the bug you reported is fixed in the latest version of
gnucobol, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Al Stone <[email protected]> (supplier of updated gnucobol package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sun, 31 May 2020 13:04:18 -0600
Source: gnucobol
Architecture: source
Version: 3.0~rc1-2
Distribution: unstable
Urgency: medium
Maintainer: Al Stone <[email protected]>
Changed-By: Al Stone <[email protected]>
Closes: 96166 933884
Changes:
 gnucobol (3.0~rc1-2) unstable; urgency=medium
 .
   * Add in autopkgtests in debian/tests
   * Closes: #933884 -- several CVEs have been repaired and those
     repairs are present in this version.  NB: autopkgtest test cases
     for these have also been added.
   * Closes: #96166 -- source only upload
   * Push to unstable.
Checksums-Sha1:
 1796112b59d9044312e2ea0264fe29841024d3fe 2035 gnucobol_3.0~rc1-2.dsc
 656ee20b662afac979962bfa4105bf11d1dc9496 18852 gnucobol_3.0~rc1-2.debian.tar.xz
 672fb6915911a50533c6190590492f2b48452e1a 9110 
gnucobol_3.0~rc1-2_amd64.buildinfo
Checksums-Sha256:
 30545b3b2e6abe735ea7290b6851d91d47ba2398b12227e77b439e68c3f1edf5 2035 
gnucobol_3.0~rc1-2.dsc
 a3dd0fea06b5109843575eb326efa1a5ed6388b927896ffd9efdc361d0ce529e 18852 
gnucobol_3.0~rc1-2.debian.tar.xz
 630d364d999669528669b5b51682cf68c8498f831e9e06df3a0e982c6119417e 9110 
gnucobol_3.0~rc1-2_amd64.buildinfo
Files:
 8684445fd15b2e3e2e76dab122272851 2035 devel optional gnucobol_3.0~rc1-2.dsc
 bac13f5257c72ea021b62379dc7cc740 18852 devel optional 
gnucobol_3.0~rc1-2.debian.tar.xz
 b10597ec409048a6d3ffc5284c712cba 9110 devel optional 
gnucobol_3.0~rc1-2_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEiclaKI7ZGQ+4GJLWUwywAtdhsWwFAl7UAFEACgkQUwywAtdh
sWyoUg//Ul5erLZ0vpX8WxLuIxErPyNkHoE+hHTZXu6pmZRs/abriYdmjxkc3grR
6fa2Q5Q86jNNg0CbeUZbWnGFhW+V62NPtIwPitLqSG5zJOAwPairjcLDnKGyQUSo
0xauRmw/EHslXEFehybl3FPhIOE/zZD8tsZLitaHxiAEI+rP86IXXt2p8Lb9ozSh
vRMUsoQ4bW/l44WoRdtbm8dBOkw3+9FU17uvy6Fn+tMTpvwyY/OYu6/yMKLLjYhA
QoB+9iNh00FA7osPx1LrhNCRlZw2865LMO+ca/7HKoBK8MYlNRAEBpCUJ4gqqXM4
yvP1qUDQQ3C+J/SmTtjl7m28++7HBCAAFl0GWqCTU4nWBGx0Pgc4XEkQpdE++1bU
uRM0IMG80K69207eVQnpk9XhteMuAB536JqMBOvFK3Ek0ifwzYR2/CIXoM8w6A+J
ECre8eQORktRUucv0bOazP8RtT3Hg0DX2iWp1SAyVkbkcJCzHWbLyHVm4L2Q74Q5
8FuRgzLZq+WElq4NCYh76Kh7HTRC4Y+VCaMjtn7gScp/42bB/btBT3x1yOaBa5qC
7AH+OdUf4Rwp4CWUFLzYpz1MBP5ywQ80LPWXwZBxKf6GtHrLo2RmeQxTXhuHef/y
cdDe4VYBaO7hKeQrAsM2+c+Y+RLEGz6ChQ6rBThnT/d2LwANOkg=
=8yFc
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to