Bug#780101: marked as done (librest: Invalid pointer dereference)

Debian Bug Tracking System Mon, 09 Mar 2015 06:38:37 -0700

Your message dated Mon, 09 Mar 2015 13:34:33 +0000
with message-id <[email protected]>
and subject line Bug#780101: fixed in librest 0.7.92-3
has caused the Debian Bug report #780101,
regarding librest: Invalid pointer dereference
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
780101: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780101
Debian Bug Tracking System
Contact [email protected] with problems

--- Begin Message ---

Package: librest
Severity: grave
Tags: security
Justification: user security hole

The following fix was identified to be a security-relevant:
https://bugzilla.gnome.org/show_bug.cgi?id=742644

Please see Florian's CVE request for further information:
http://www.openwall.com/lists/oss-security/2015/03/04/6

Fix:
https://git.gnome.org/browse/librest/commit/?id=b50ace7738ea038

Cheers,
        Moritz

--- End Message ---

--- Begin Message ---

Source: librest
Source-Version: 0.7.92-3

We believe that the bug you reported is fixed in the latest version of
librest, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Ying-Chun Liu (PaulLiu) <[email protected]> (supplier of updated librest 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 09 Mar 2015 21:01:02 +0800
Source: librest
Binary: librest-0.7-0 librest-0.7-0-dbg librest-dev gir1.2-rest-0.7 librest-doc 
librest-extras-0.7-0 librest-extras-dev gir1.2-rest-extras-0.7
Architecture: source i386 all
Version: 0.7.92-3
Distribution: unstable
Urgency: medium
Maintainer: Ying-Chun Liu (PaulLiu) <[email protected]>
Changed-By: Ying-Chun Liu (PaulLiu) <[email protected]>
Description:
 gir1.2-rest-0.7 - REST service access library (introspection files)
 gir1.2-rest-extras-0.7 - REST service access library extra components 
(introspectionfiles)
 librest-0.7-0 - REST service access library
 librest-0.7-0-dbg - REST service access library (Debug files)
 librest-dev - REST service access library (development headers)
 librest-doc - REST service access library (documentation)
 librest-extras-0.7-0 - REST service access library extra components
 librest-extras-dev - REST service access library extra components (development 
headers
Closes: 780101
Changes:
 librest (0.7.92-3) unstable; urgency=medium
 .
   * Add debian/patches/03_fix_invalid_pointer_reference.patch
     - fix invalid pointer dereference (Closes: #780101)
Checksums-Sha1:
 3f42f2083fcf95234f26a36cca84570a10c57b1f 2435 librest_0.7.92-3.dsc
 46051789e24909e81d3066300c5097f419b63d9a 7064 librest_0.7.92-3.debian.tar.xz
 9936c5b326e9f170c299a24fb3a68ebcb1c6e4d6 34510 librest-0.7-0_0.7.92-3_i386.deb
 562b155ca1e5bb7775563a22c941a1d480b33c20 92930 
librest-0.7-0-dbg_0.7.92-3_i386.deb
 62e83d185c0bd40cd2c42861e49595c7fa9bfc75 30650 librest-dev_0.7.92-3_i386.deb
 3cd8829a40f5fe1ce74582391354ea789df176de 9470 gir1.2-rest-0.7_0.7.92-3_i386.deb
 55a52f0e08345ece1353aa917b2764c13b0ef1e9 36576 librest-doc_0.7.92-3_all.deb
 f4bad6a66149d4f37321552ac54da9a2066a93d6 15270 
librest-extras-0.7-0_0.7.92-3_i386.deb
 b0beea99c9e021894d478f5f57d824115ebe72b2 9260 
librest-extras-dev_0.7.92-3_i386.deb
 13d275cd318e89867b283df93cd7f48be4639c14 6224 
gir1.2-rest-extras-0.7_0.7.92-3_i386.deb
Checksums-Sha256:
 740036f34964ebb87e7bb3a25cf4e44e25c02a263d05f5fc81d5e7deaadce662 2435 
librest_0.7.92-3.dsc
 6cb8c1b6db64c624892b4baab68035aedc69ac371a8282ffc1fc2febae2ac393 7064 
librest_0.7.92-3.debian.tar.xz
 4ade8af4bb3602feb8380cfd1b13360def0a56d9a43695c55f4c3edc179b2926 34510 
librest-0.7-0_0.7.92-3_i386.deb
 1fb0db7537e73cc27317ee573015c2d598e5468a7034e59628212c251d6c300f 92930 
librest-0.7-0-dbg_0.7.92-3_i386.deb
 149bb8eb61a1dd80841dfdde0e59e9578116ea3bae010a358b79a171a8588bbd 30650 
librest-dev_0.7.92-3_i386.deb
 20464177ddfd158558e894df0fb712d0d04a57c155da3819a2c172a280798684 9470 
gir1.2-rest-0.7_0.7.92-3_i386.deb
 73920a3385a5ebf61d9f412d3573322dceddb97ebe064194bb4441f52564e547 36576 
librest-doc_0.7.92-3_all.deb
 605232877aa689bad4a053f7c5b4f21c7119b9b0591e04a7c1f6381107a57e68 15270 
librest-extras-0.7-0_0.7.92-3_i386.deb
 8c83b3929bb7b57817e1d58a83788d8c12f438bc0cbc262c259595ac06388e32 9260 
librest-extras-dev_0.7.92-3_i386.deb
 aaadb4acfb0d4ea208e91a62b05434f45e0855f09d94d8a984c79c586fc8861f 6224 
gir1.2-rest-extras-0.7_0.7.92-3_i386.deb
Files:
 b70c748167dd7a4327cdf6c42c607fb8 2435 libs optional librest_0.7.92-3.dsc
 d9b383ff089116dabd92e8e894a9434f 7064 libs optional 
librest_0.7.92-3.debian.tar.xz
 595316fff4d2245f2f2b2ed5f44be32c 34510 libs optional 
librest-0.7-0_0.7.92-3_i386.deb
 4aaa1e9a1f37718cb1deebc1bdc1fad5 92930 debug extra 
librest-0.7-0-dbg_0.7.92-3_i386.deb
 062c9fb31bc42e442afd8fb17f8b8d44 30650 libdevel optional 
librest-dev_0.7.92-3_i386.deb
 72edb5f2a47655ba880526d8f00236fc 9470 introspection optional 
gir1.2-rest-0.7_0.7.92-3_i386.deb
 bd6baf8ef87ee812e0acecfbf0a8c4d8 36576 doc optional 
librest-doc_0.7.92-3_all.deb
 acbd2934b3cadf31222f819188b04d9b 15270 libs optional 
librest-extras-0.7-0_0.7.92-3_i386.deb
 35b227a03be622d19d2093f78e43e167 9260 libdevel optional 
librest-extras-dev_0.7.92-3_i386.deb
 2bee577131e5955de0311949f3e9b830 6224 introspection optional 
gir1.2-rest-extras-0.7_0.7.92-3_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJU/aC4AAoJEEQXP6E9BYiIw3cP+wfDaC58ZqP2yNiIc7t7yc8O
D9fDSvhXY3fMo713en7F+ppj+hFkkLurErS9/i2FqyDAGpD5euZlaxVRt1LMJPfK
+sngAmPK2N6Zzrsm4BY98YHsP8kjM1ZoipmxXTV+W3Js/7jYdffux02qlHW61z6M
H3WaXxj+1ltpmazU5iTNBV7M5zIWsNbUppyWz2p0OyI0T3tIPlpXsFo/AJNeIZA4
j75JPqXpo5ePofkv4iLg4bY7c9alFYlZb4Ao3j3Q61kyTC43JeI1nXFIMvhPIkCe
EeUqHZ4gZ9Zwx7MrmhLaXp7qXTPh7xwbinuoEuYuz6ovsyKzg6qXd99dAuthoLZd
nQ8IFlcqoIF1pD1PDGlbyeZsmpKAc5r4F023X9ww43164/JLUaUIRaMB2e+5h9jz
5tfdEvCPYTLI7dbMFFpXWQBjXWUSW4Uy7bUUwHnPK94Z0BOe/kN5lTjm/M9QtXZu
mnKiJvna3c+XOJJlSYoBUui4lUgnUe6Iu+tjfxFherNpqvrRC/9k0C/iq7Yl/5wc
6Rj+UeuhG/IjUHXg9cQfgOp74qJCz1ef2BHyBRQ2osWpU6C2TxF7ZijxT1w2pUQE
VsIYX8nw2ckLwrJ+lY1cEUFxVOvI1IRSd6zz4VSHfnbMADdtUi68KxnqPmNznYBq
Zlab8+VPBSVPqsd2rPt9
=DNTn
-----END PGP SIGNATURE-----

--- End Message ---

Bug#780101: marked as done (librest: Invalid pointer dereference)

Reply via email to