Your message dated Fri, 25 Oct 2024 21:35:27 +0000
with message-id <[email protected]>
and subject line Bug#1086061: fixed in htmldoc 1.9.18-3
has caused the Debian Bug report #1086061,
regarding htmldoc: CVE-2024-46478
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1086061: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1086061
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: htmldoc
Version: 1.9.18-2
Severity: important
Tags: security upstream
Forwarded: https://github.com/michaelrsweet/htmldoc/issues/529
X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>
Hi,
The following vulnerability was published for htmldoc.
CVE-2024-46478[0]:
| HTMLDOC v1.9.18 contains a buffer overflow in parse_pre function,ps-
| pdf.cxx:5681.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2024-46478
https://www.cve.org/CVERecord?id=CVE-2024-46478
[1] https://github.com/michaelrsweet/htmldoc/issues/529
[2]
https://github.com/michaelrsweet/htmldoc/commit/683bec548e642cf4a17e003fb34f6bbaf2d27b98
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: htmldoc
Source-Version: 1.9.18-3
Done: Håvard F. Aasen <[email protected]>
We believe that the bug you reported is fixed in the latest version of
htmldoc, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Håvard F. Aasen <[email protected]> (supplier of updated htmldoc package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Fri, 25 Oct 2024 23:07:43 +0200
Source: htmldoc
Architecture: source
Version: 1.9.18-3
Distribution: unstable
Urgency: medium
Maintainer: Håvard F. Aasen <[email protected]>
Changed-By: Håvard F. Aasen <[email protected]>
Closes: 1086061
Changes:
htmldoc (1.9.18-3) unstable; urgency=medium
.
* Patch from upstream to fix buffer overflow.
Closes: #1086061 and CVE-2024-46478
Checksums-Sha1:
f86c0a66a492c8e64da6263d4d0a5018abd6edde 1649 htmldoc_1.9.18-3.dsc
8ebe1f1a10e189848670e1f69e85f033b99f9ed2 15732 htmldoc_1.9.18-3.debian.tar.xz
b06c00107a43704c1f4243cf52ae0c0487b17007 9098 htmldoc_1.9.18-3_amd64.buildinfo
Checksums-Sha256:
bee4e96363fadf7917e50fbf6b67fffc1b5fde508a4ec70f64beb0cf80d3a87f 1649
htmldoc_1.9.18-3.dsc
8d80547dea4fb3ced7b3915d055d095881b57ee6123b4de831bd5ba3076c0f8f 15732
htmldoc_1.9.18-3.debian.tar.xz
bc9291dba3951765a33e6a4ec8e44066197661f8a78fe94ba28ac43cb4081713 9098
htmldoc_1.9.18-3_amd64.buildinfo
Files:
12bf9e7f8cc8608801e3bd66941002b5 1649 web optional htmldoc_1.9.18-3.dsc
e5356804bcad08c27200dfcd46b93c95 15732 web optional
htmldoc_1.9.18-3.debian.tar.xz
c4045e0c2f9dfb9d10559e762cc3a915 9098 web optional
htmldoc_1.9.18-3_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iI0EARYIADUWIQSD/42dLkLq3fzhpN2I4w6v/UfCtwUCZxwLzBccaGF2YXJkLmYu
YWFzZW5AcGZmdC5ubwAKCRCI4w6v/UfCt8aZAQDDhwd2tOgfaCQHVGuKexxg2UV0
vSLiJUJ7c/bDZxVkCwD+JJrgtF9ikrjoIUl522MenYFt2wttVerRHp/3UIs+tQU=
=KsyD
-----END PGP SIGNATURE-----
pgp15FZDyzBrz.pgp
Description: PGP signature
--- End Message ---
