Your message dated Sun, 14 Jun 2026 16:48:49 +0000
with message-id <[email protected]>
and subject line Bug#1140003: fixed in openslide 3.4.1+dfsg-8
has caused the Debian Bug report #1140003,
regarding openslide: CVE-2026-48977
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1140003: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1140003
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: openslide
Version: 3.4.1+dfsg-7
Severity: grave
Tags: security upstream
X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>
Hi,
The following vulnerability was published for openslide.
CVE-2026-48977[0]:
| Arbitrary memory write with crafted Ventana BIF file
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2026-48977
https://www.cve.org/CVERecord?id=CVE-2026-48977
[1]
https://github.com/openslide/openslide/security/advisories/GHSA-mxg2-48g7-fmwc
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: openslide
Source-Version: 3.4.1+dfsg-8
Done: Étienne Mollier <[email protected]>
We believe that the bug you reported is fixed in the latest version of
openslide, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Étienne Mollier <[email protected]> (supplier of updated openslide package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 14 Jun 2026 18:20:29 +0200
Source: openslide
Architecture: source
Version: 3.4.1+dfsg-8
Distribution: unstable
Urgency: medium
Maintainer: Debian Med Packaging Team
<[email protected]>
Changed-By: Étienne Mollier <[email protected]>
Closes: 1140003
Changes:
openslide (3.4.1+dfsg-8) unstable; urgency=medium
.
* Team upload.
* CVE-2026-48977.patch: new: fix CVE-2026-48977.
The change lacks attempt to apply the test case, because the binary
representation of a newly introduced test file is not possible in the
patch. (Closes: #1140003)
* d/control: drop redundant Rules-Requires-Root: no.
* d/control: drop redundant Priority: optional.
* d/control: declare compliance to standards version 4.7.4.
* d/watch: convert to watch file version 5.
* d/copyright: drop the old FSF mail address.
Checksums-Sha1:
9ec2e3810e282cb5ca9ab740cf5b323501b2c458 2714 openslide_3.4.1+dfsg-8.dsc
965948055c4f8399ed4870ecd427ed3db4cfeb53 20440
openslide_3.4.1+dfsg-8.debian.tar.xz
Checksums-Sha256:
2f1dda6b53c7673848498c32ca3e72d1f8206dfbbec728e8824409e161c7a157 2714
openslide_3.4.1+dfsg-8.dsc
6c374bde4bd7c8d3b9650de8522959c87ea2b85246df1e8042818447518a9fd9 20440
openslide_3.4.1+dfsg-8.debian.tar.xz
Files:
a156533cbefd7c69622c394c67c108ea 2714 libs optional openslide_3.4.1+dfsg-8.dsc
7686bb2ea621bb291a807aaf41cc27c1 20440 libs optional
openslide_3.4.1+dfsg-8.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQJIBAEBCgAyFiEEj5GyJ8fW8rGUjII2eTz2fo8NEdoFAmou1nEUHGVtb2xsaWVy
QGRlYmlhbi5vcmcACgkQeTz2fo8NEdqPXA/9GmA5Glcp3U+D0DeE4CHk8YJ0QnE+
Z83Am0I7wYqHtxlOpDFHZs7I3tdO45Aq1quC0XwAIuwfiB8kV69QW73BO9AyWyW3
qn0mTaMB3/J4/g+CeZyaqsYrvjeFTMXJlhruy6iMNhsvcyiEmfdsj/XiysY6L8io
RX4bo6QPEKQyg5pPruEhup3RI1RgYAgfsQxE10mqmen7EEFVDUVSbLYKIEbb7KBD
Vhq2H7/egLkUDuGGFp/aZGhBYpo/9Mtzln+42XxgqgCNjqjyu3izLVRtSToNwgtR
cD/fku94LCSKQ9/1FcqzPE7Eb4f8y5tGH6KqZkvZw+vJIU9fglw0FfTkovjY6JNF
z/MvHcC6FU969YNt8ELevdeeZ3wLDF84V6zCbJ2gY/7TSsaW0X+1MRNwGr102Uex
e0eJ+ORT8kXv7+7nm5MUWxf/0A308eXKXbAKFgkcKc+4U0eBn7eCUFtbRdsMrj2q
5VQ4gBVgKQSrX2XTQp8TQ805ol4o8dvpX9QDsoDkmfLLkkLgw1Ah7rr1AOzCn89n
6J4dj9Cs5f1aOqpYVhmGhb+ONo95k1zcOXQOSVoM+FiRWJTEhgRDw1eoxcPi2Ikd
bc3huTnVoC7mdiEpnVXa64ZStaqr7sSv+GbHyJGoL1MH2u9Of0SznzCB40huvoaW
agOFay94Qh7lh+E=
=exLs
-----END PGP SIGNATURE-----
pgpDKH4wHr7rF.pgp
Description: PGP signature
--- End Message ---
