Your message dated Tue, 29 Jul 2008 09:14:18 +0200
with message-id <[EMAIL PROTECTED]>
and subject line Re: Bug#492806: libavformat52: does not handle STR file
demuxing (CVE-2008-3162)
has caused the Debian Bug report #492806,
regarding libavformat52: does not handle STR file demuxing (CVE-2008-3162)
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)
--
492806: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492806
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
--- Begin Message ---
Package: libavformat52
Version: 0.svn20080206-11
Severity: grave
Tags: security
Justification: user security hole
ubuntu just updated their libavformat packages to patch a problem with
STR file demuxing [1]. does this problem apply to debian as well? the
CVE number is CVE-2008-3162 [2].
[1] http://www.ubuntu.com/usn/usn-630-1
[2] http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3162
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1,
'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.24-etchnhalf.1-686 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages libavformat52 depends on:
ii libavcodec51 0.svn20080206-11 ffmpeg codec library
ii libavutil49 0.svn20080206-11 ffmpeg utility library
ii libc6 2.7-12 GNU C Library: Shared libraries
ii zlib1g 1:1.2.3.3.dfsg-12 compression library - runtime
libavformat52 recommends no packages.
libavformat52 suggests no packages.
-- no debconf information
--- End Message ---
--- Begin Message ---
Version: 0.svn20080206-10
merge 492806 489965
stop
Michael Gilbert <[EMAIL PROTECTED]> writes:
> Package: libavformat52
> Version: 0.svn20080206-11
> Severity: grave
> Tags: security
> Justification: user security hole
>
> ubuntu just updated their libavformat packages to patch a problem with
> STR file demuxing [1]. does this problem apply to debian as well? the
> CVE number is CVE-2008-3162 [2].
>
> [1] http://www.ubuntu.com/usn/usn-630-1
> [2] http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3162
Thanks for your report but this bug is a clear dupe of #489965.
--
Gruesse/greetings,
Reinhard Tartler, KeyID 945348A4
--- End Message ---