Your message dated Wed, 25 Feb 2015 01:48:42 +0000
with message-id <e1yqr5e-0004lk...@franck.debian.org>
and subject line Bug#778948: fixed in e2fsprogs 1.42.12-1.1
has caused the Debian Bug report #778948,
regarding e2fsprogs: CVE-2015-1572 buffer overflow
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
778948: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778948
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
package: src:e2fsprogs
severity: important
tags: security
A buffer overflow issue was recently fixed for e2fsprogs:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-1572
Best wishes,
Mike
--- End Message ---
--- Begin Message ---
Source: e2fsprogs
Source-Version: 1.42.12-1.1
We believe that the bug you reported is fixed in the latest version of
e2fsprogs, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 778...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Michael Gilbert <mgilb...@debian.org> (supplier of updated e2fsprogs package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 22 Feb 2015 01:50:57 +0000
Source: e2fsprogs
Binary: e2fsck-static libcomerr2 comerr-dev libss2 ss-dev e2fsprogs-udeb
e2fslibs e2fslibs-dev e2fsprogs e2fsprogs-dbg e2fslibs-dbg libcomerr2-dbg
libss2-dbg
Architecture: source
Version: 1.42.12-1.1
Distribution: unstable
Urgency: high
Maintainer: Theodore Y. Ts'o <ty...@mit.edu>
Changed-By: Michael Gilbert <mgilb...@debian.org>
Description:
comerr-dev - common error description library - headers and static libraries
e2fsck-static - statically-linked version of the ext2/ext3/ext4 filesystem
checke
e2fslibs - ext2/ext3/ext4 file system libraries
e2fslibs-dbg - debugging information for e2fslibs
e2fslibs-dev - ext2/ext3/ext4 file system libraries - headers and static
librari
e2fsprogs - ext2/ext3/ext4 file system utilities
e2fsprogs-dbg - debugging information for e2fsprogs
e2fsprogs-udeb - stripped-down versions of e2fsprogs, for debian-installer
(udeb)
libcomerr2 - common error description library
libcomerr2-dbg - debugging information for libcomerr2
libss2 - command-line interface parsing library
libss2-dbg - debugging information for libss2
ss-dev - command-line interface parsing library - headers and static libra
Closes: 778948
Changes:
e2fsprogs (1.42.12-1.1) unstable; urgency=high
.
* Non-maintainer upload by the Security Team.
* Fix CVE-2015-1572: incomplete fix for CVE-2015-0247 (closes: #778948).
Checksums-Sha1:
af4db6e8cc99d271f62cad9ddac94ef74664128a 3248 e2fsprogs_1.42.12-1.1.dsc
ac1ed4de29699af07b17fa0f37389af8c863ee09 65312
e2fsprogs_1.42.12-1.1.debian.tar.xz
Checksums-Sha256:
33c85f83658ceab06e34ff13c9fa94c67ebfa8f53d2f0efab85c443c41de7039 3248
e2fsprogs_1.42.12-1.1.dsc
f3d340f7cc76a4999297399b49e11ab29b8e4c4337c82c9afc60d2d4a340d106 65312
e2fsprogs_1.42.12-1.1.debian.tar.xz
Files:
e0e1f7d200783c4df7e26f815c7a4480 3248 admin required e2fsprogs_1.42.12-1.1.dsc
6e82ccfdf0b84adf60362a6d50867127 65312 admin required
e2fsprogs_1.42.12-1.1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQQcBAEBCgAGBQJU6TyjAAoJELjWss0C1vRzlDwgAIbEODFSW7cv5YKdA1FdA+d1
9p6istFTPq3qT5SMMafwq8BXfGLUHscG3TRlJo7VuVijm/Lk0wcxW2qHnfJyE6cj
lcbeMmO4LmflmDOvN/jkF7GGKtii9aGWDRsQBTff897jEJXdq/0kBfsGJ8Lg5yCQ
mBGK6iUyY/9Sz1o+UK4oCd9/g6U7BDgXon4NJO7tDXn2Z+/k76qKuDiPr7LcZgjy
CRA9uHxH7OGA1mAASLg3cDv6bWY8vyWKRe+9eHaKn7xeTzstnuu5jq3JfY3yLyZm
i/VQcHYMmTgL2rz6ksiZZnGtniv6f3creI45lwiIUGe2Rg0+Z2+Yj7xPBI7SOSND
7fuw/B6TelyZ1o1lZ4Rd24cWuHYe73qfjNNsKP5Ab7GIv03LP2/94MaDoP0gWfXH
M+iMJd5WTxpha6FIMuS+iG9ar+Yoge4BSDk5KX0tCuQK5J6PtHq1MFF+Ht3ppy9i
Fv+4NiJPePNKo2lvjm7LKnhwk6tLOkzPK2y04oT04g+J8tnGIYkcm2ZdO12q9S1X
yB/mQGAQMPmOexfNl1byLkHrYzD/H7vpTVoKermWdw2wYRW0E0qbHl8cqYpN9W1+
U2qASys0hntKa/7Mu6qsNCU3HnIPpUXxuFrea6Str8s3db8bou5a+lbRj0uLhXhJ
W43kmxmMHcyngA3IDfxPB7HYy6UolyBTccuwhNbzklrxm6/D02g8o/A/1XoUSvuD
imvyEg/IjOVgDOG8T9dZsrw7YFsVdPChe8YaQrgoxrwS8K02qAl3GrS+nqtwWRSj
mXTi894Ja7QOEEFTGsXVwWDd7fqTTYQyAJNvdGFnTFLFfnLsbz/DG+Y/FUhUO23e
1+0fTwsKzbjvuLAGL9oDc/oU38nDYvEdiae/83u6zLJ419ul06yyXiVzSpjhoApt
dVwl4zc5BRenFoZfcLE6CUwvy4pt5qLEyLs9Apj6YSQjEZ53mqdAhJAMqluxW7E7
wLR6W+W3jHpmphWR41szVsPRmwCSYyl4Q+SLTJ90eiRVm7mF7bTdmXgUt6isktmo
D3AoIOHdIF9NramBB3/TgVRu7/cFnORzEJ59zxFc/58cyg0Qin6zbmLSBgvbuBQI
+Y0i6NgZ2/tvY5DH1i9G9OWqbfY06NHoDoGJkqDCy5dHFM2T3hJ4uQEvy+90KmBq
cbqZdxOkYYEsbL91+Uddo79ZEl1nzf8DD8zjpCkQMlFc8QP4lGEshbyYR/1aIogt
CuL9YS+9S75ZmRoxE8yKr4tZ0l6pnnbd8TjZLrWmlINZO9PR1CCz5I4WQo8Hh+DV
slm9Yv0qg6SwQk1rEE1fohp19LZ3VC3Xo4Nlx/ThHYRIroJ35O1GduuXTGJEfZ8=
=+9yc
-----END PGP SIGNATURE-----
--- End Message ---
