Your message dated Wed, 21 Dec 2016 13:18:42 +0000
with message-id <[email protected]>
and subject line Bug#837599: fixed in autotrace 0.31.1-17
has caused the Debian Bug report #837599,
regarding autotrace: CVE-2016-7392: heap-based buffer overflow in
pstoedit_suffix_table_init (output-pstoedit.c)
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
837599: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=837599
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: autotrace
Version: 0.31.1-16
Severity: grave
Tags: security upstream
Hi,
the following vulnerability was published for autotrace.
CVE-2016-7392[0]:
heap-based buffer overflow in pstoedit_suffix_table_init (output-pstoedit.c)
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2016-7392
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: autotrace
Source-Version: 0.31.1-17
We believe that the bug you reported is fixed in the latest version of
autotrace, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Christoph Biedl <[email protected]> (supplier of updated autotrace
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 21 Dec 2016 09:50:51 +0100
Source: autotrace
Binary: autotrace libautotrace3 libautotrace-dev
Architecture: source
Version: 0.31.1-17
Distribution: unstable
Urgency: medium
Maintainer: Debian QA Group <[email protected]>
Changed-By: Christoph Biedl <[email protected]>
Description:
autotrace - bitmap to vector graphics converter
libautotrace-dev - bitmap to vector graphics converter, development files
libautotrace3 - bitmap to vector graphics converter, shared library files
Closes: 837599
Changes:
autotrace (0.31.1-17) unstable; urgency=medium
.
* QA upload
* Set maintainer field to Debian QA Group (see #834306)
* Fix heap-based buffer overflow in pstoedit_suffix_table_init.
Closes: #837599 [CVE-2016-7392]
Checksums-Sha1:
82b4ad38eae868c3ab016bc654b963302342c387 1970 autotrace_0.31.1-17.dsc
16c95d8d607a17ceef56d1d69116260c9170b1b2 176760
autotrace_0.31.1-17.debian.tar.xz
Checksums-Sha256:
0d0953c62c9cdf7cc80cffe1d411c7a4ffe91881a3e2a9efc287240fc70e07c2 1970
autotrace_0.31.1-17.dsc
119d56ebbcd258e25bd4ca2fe7aa3de6f51a5cd46b4e142829475a6ef8edf735 176760
autotrace_0.31.1-17.debian.tar.xz
Files:
4219579c6b77855cde05eb064b7b1e4b 1970 graphics optional autotrace_0.31.1-17.dsc
cc4b1edd8cbf07419cae1679268e38ae 176760 graphics optional
autotrace_0.31.1-17.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEErnMQVUQqHZbPTUx4dbcQY1whOn4FAlhafLwACgkQdbcQY1wh
On4MgBAAshSzwtnKSdBqzvp4FB/xa3I3qhhaOj9PdFYtuS48xQUZ0e7AQTtHVbG5
urFM4FKgd7zjJM+nCCYOtRs9TqTAaKhawnw/AkPw2b+q/Q9M5oG17P+qzJXP4fkk
tmvPbyN8ysckelC1Di+tMtrWF/3XAYnbMuS8ef+sS5BDGkRNtZwIK3j3tqf/Th5Y
lSItgfjIpFqeKk0rvIR0qPV2mbR0kSgZfsyGvFkthlei7UeUoK9lEv+n+Oen4ktt
Mvtb0p0ar/wy+38//qECKq4PyTAmlornZ1JarDhlBpidally2qpfK0qvO9TaKyCr
wV0iuwNKzDl2mgDIt1pSOrx+KanGxIjU/A61Wjh8rPawbxbrGDwg9VY+QmrtiAj8
BDntpMEPFknZ4uCcQivMruxMdMH3qP/Qy+/9pRaH20LU96rEOlXmVALW15UpWEqg
Vp0Q4HBRJGsGJYzwGBdUul2dYIAQIJ20U9ad9HfFE9MlpP8uHgoFfzSLPFjR2fJR
f+MCAnosDrm30Kk2KbCPCI34k4lXk8U5u82CLaUMis7b4Oaa0M2tzM103B+L2TUI
iigHTbQEhKl3zET3GYJGzZrR3sVkSgoi0kUs+K2xgnhxs+jZPM4ob2oSapYysJ7h
hYc/puI+tmmQb5/uw5xhQFfQFe9WOmsSZn0sAg8JAEuT+oQaRmQ=
=S2z3
-----END PGP SIGNATURE-----
--- End Message ---
