Bug#648359: marked as done ([CVE-2011-4000] Unspecified buffer overflow vulnerability)

Wed, 07 Dec 2011 18:51:18 -0800 

Your message dated Thu, 08 Dec 2011 02:47:32 +0000
with message-id <e1ryu1e-0005xb...@franck.debian.org>
and subject line Bug#648359: fixed in chasen 2.4.4-17
has caused the Debian Bug report #648359,
regarding [CVE-2011-4000] Unspecified buffer overflow vulnerability
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
648359: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=648359
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message --- 
Package: libchasen2
Version: 2.4.4-16
Severity: grave
Tags: security

JPCERT disclosed an unspecified buffer overflow vulnerability in
ChaSen:

<http://jvn.jp/en/jp/JVN16901583/index.html>

Apparently, upstream will not provide patches.  Would you be willing
to work on this issue if we can obtain further details?

--- End Message ---
--- Begin Message --- 
Source: chasen
Source-Version: 2.4.4-17

We believe that the bug you reported is fixed in the latest version of
chasen, which is due to be installed in the Debian FTP archive:

chasen-dictutils_2.4.4-17_i386.deb
  to main/c/chasen/chasen-dictutils_2.4.4-17_i386.deb
chasen_2.4.4-17.diff.gz
  to main/c/chasen/chasen_2.4.4-17.diff.gz
chasen_2.4.4-17.dsc
  to main/c/chasen/chasen_2.4.4-17.dsc
chasen_2.4.4-17_i386.deb
  to main/c/chasen/chasen_2.4.4-17_i386.deb
libchasen-dev_2.4.4-17_i386.deb
  to main/c/chasen/libchasen-dev_2.4.4-17_i386.deb
libchasen2_2.4.4-17_i386.deb
  to main/c/chasen/libchasen2_2.4.4-17_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 648...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
NOKUBI Takatsugu <k...@daionet.gr.jp> (supplier of updated chasen package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Thu, 08 Dec 2011 01:58:33 +0000
Source: chasen
Binary: libchasen-dev libchasen2 chasen chasen-dictutils
Architecture: source i386
Version: 2.4.4-17
Distribution: unstable
Urgency: low
Maintainer: NOKUBI Takatsugu <k...@daionet.gr.jp>
Changed-By: NOKUBI Takatsugu <k...@daionet.gr.jp>
Description: 
 chasen     - Japanese Morphological Analysis System
 chasen-dictutils - Japanese Morphological Analysis System - utilities for 
dictionary
 libchasen-dev - Japanese Morphological Analysis System (libraries and headers)
 libchasen2 - Japanese Morphological Analysis System (shared libraries)
Closes: 648359
Changes: 
 chasen (2.4.4-17) unstable; urgency=low
 .
   * debian/patches/sparse_main-secfix.dpatch: Added a security patch
     for CVE-2011-4000, closes: #648359
Checksums-Sha1: 
 f4773f13aaf1c8d629f1392b71752e311bf532e0 1248 chasen_2.4.4-17.dsc
 29cbd230092d075540539dfb087055c1328ebbdd 9837 chasen_2.4.4-17.diff.gz
 938fd44da9b7485b33f0f208f1f317f10c200e7b 54810 libchasen-dev_2.4.4-17_i386.deb
 f8498c7d1f08a1289e6782f4e984ae4cf67c457f 51858 libchasen2_2.4.4-17_i386.deb
 c239c8a402742ce5e9a6566f1a58cb443116e6e4 461836 chasen_2.4.4-17_i386.deb
 507840b18833161bd1d3165d2c0bdf2880d4decc 24788 
chasen-dictutils_2.4.4-17_i386.deb
Checksums-Sha256: 
 a3f49248e31b7738b934d3cd609d8716f06200736a7f0836c4db76af3b969601 1248 
chasen_2.4.4-17.dsc
 5d3512eeab5dc01123e8891eafd4b41af374deeca9745ee6bc31609ab1e16baf 9837 
chasen_2.4.4-17.diff.gz
 d5bdf55778f1f56efda252ba778d53fb8ff91bb1643be6b9c19d46d9dd0ec21b 54810 
libchasen-dev_2.4.4-17_i386.deb
 b30e2bf8dd2bba0c3924d73969cdbf8582e08b307749cd15e70dc6b2fd673ff4 51858 
libchasen2_2.4.4-17_i386.deb
 81ec188a1626c0883e039ddb608e6d5437f9d74ed180a157fd19d8b103f54361 461836 
chasen_2.4.4-17_i386.deb
 760dbeff96da2acf52e27d49431a0874d5f9a2613302738809b9fc42a53f9224 24788 
chasen-dictutils_2.4.4-17_i386.deb
Files: 
 2007acc5bce100313f2daa993faa689d 1248 misc optional chasen_2.4.4-17.dsc
 30a8175ed0b8a605d730c3e68a06d281 9837 misc optional chasen_2.4.4-17.diff.gz
 aecee1dd3efc65d0aea684e1291a4ec9 54810 libdevel optional 
libchasen-dev_2.4.4-17_i386.deb
 06d062134f098cb5c342f12d2e421b4c 51858 libs optional 
libchasen2_2.4.4-17_i386.deb
 edec48f400792fa65035cee3f6d462f0 461836 misc optional chasen_2.4.4-17_i386.deb
 7c61f435f39ba3148136056cad756476 24788 misc optional 
chasen-dictutils_2.4.4-17_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iD8DBQFO4Bs7K6gmAsLOgJkRArsGAJwNFOX12B9U/PXzP4uxc+3ddbKYfwCgjyic
/6kk1OxKMKeBQrUbXcnNLZ8=
=ip5e
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to