Your message dated Tue, 10 Jan 2017 15:04:31 +0000
with message-id <[email protected]>
and subject line Bug#850725: fixed in flickcurl 1.26-1
has caused the Debian Bug report #850725,
regarding flickcurl: New upstream release, fixing overflows
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
850725: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850725
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: flickcurl
Version: 1.25-3
Severity: grave
Tags: security
Justification: user security hole

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

A new upstream release of libflickr is available.

Upstream changelog mentions seemingly security-related bugfixes:

> Multiple error path allocation fixes, several memory leak fixes and a
> few overflows found via Coverity.

I am unable to determine if those are truly security-related, so severity
inflated to be on the safe side: Please adjust as appropriate.


 - Jonas

-----BEGIN PGP SIGNATURE-----

iQIcBAEBCAAGBQJYc8oGAAoJECx8MUbBoAEh67QP/14maf4BTKvQNI+GPTOyVMTZ
1kJZeQBIvU++S+yv4P8GAJgMCmqNgUuSzbNgCQkio/1CYTkcKHXwKb3t+/IzN9jE
s1vlE56iP82k4TIQk50NmzMuCAdXThTQIeVT5VyeDcaEuvzW2gxNNW//1xbmNmz0
6hV7ms/zzord8YEVB4uGPcc31KgETCziDl3Yt6Y6cYdQ/wyjOga8e3X+ALz1Dq7n
ludjB4IB7iOfsxPDWj3RL1Xa8HBoo+Z1NnuMgQOUlV9nw0BeAqKoL/PeijX6n29V
90tyizFlO6wF3ZAFKJXP6TmO07D/RSEZ4cEUxeETQq2ccV8x/TH1LPYYjsmtKYQS
T9HhOITHuivJGLH4uuKOw9DgaPYk//9cpSO1wXomTdTmKkPHIMnXcs7DKgQGbTcP
IG1pFeGGbZqYzLwwffZPoDZtqc8N8vuttwwO7DaMNoPTmfSSbI49BlaZKK3be9Ih
FoklI0+2egZykx1Q/Mpf49swFCv10IHciUtwATh+U1kWWrb84sZQiLJATAJR09wz
EU7UwZKNgm7SWbD3321nGUQHwAiJIPTmnNpRtjteUStm5tMHDBS1f9xHcjlgezJo
+gCoZ1GI4QvXE5CuRVxSS6TEVYCJsB31tjYr0WJdDUQzihgY0qzZhWt2FcRS4KlR
65PZwEmSv+swuR8y/SGq
=m7cZ
-----END PGP SIGNATURE-----

--- End Message ---
--- Begin Message ---
Source: flickcurl
Source-Version: 1.26-1

We believe that the bug you reported is fixed in the latest version of
flickcurl, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Kumar Appaiah <[email protected]> (supplier of updated flickcurl package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 10 Jan 2017 19:38:00 +0530
Source: flickcurl
Binary: libflickcurl-dev libflickcurl0 libflickcurl0-dbg flickcurl-utils 
flickcurl-doc
Architecture: source all amd64
Version: 1.26-1
Distribution: unstable
Urgency: medium
Maintainer: Kumar Appaiah <[email protected]>
Changed-By: Kumar Appaiah <[email protected]>
Description:
 flickcurl-doc - utilities to call the Flickr API from command line - 
documentatio
 flickcurl-utils - utilities to call the Flickr API from command line
 libflickcurl-dev - C library for accessing the Flickr API - development files
 libflickcurl0 - C library for accessing the Flickr API
 libflickcurl0-dbg - C library for accessing the Flickr API - debugging symbols
Closes: 850725 850727
Changes:
 flickcurl (1.26-1) unstable; urgency=medium
 .
   * New upstream release (Closes: #850725)
   * Depend on libraptor2-dev (Closes: #850727)
   * Standards version is now 3.9.8 (no changes needed)
   * Remove HTTPS URL fix patches
Checksums-Sha1:
 ee4b4b67917859d73739e0a5675efd0f1bb88184 2157 flickcurl_1.26-1.dsc
 547480030ce4f777bb35d98b43fe15ee3eeae0e0 1870073 flickcurl_1.26.orig.tar.gz
 f55a2e71cb48265461be1f49f21f2ecb82fa5312 4828 flickcurl_1.26-1.debian.tar.xz
 14c0ecdb0e8921a058d4248e6f43c3e24627a4ac 696144 flickcurl-doc_1.26-1_all.deb
 09c5c51d681a7da52f6c65f7983e6e805e4f5724 147620 
flickcurl-utils_1.26-1_amd64.deb
 85a73b0363c9c7d03a0a69e6f44cc84969614847 6532 flickcurl_1.26-1_amd64.buildinfo
 bc8dc4c197cdf0e96e0ad68ee22ca5d91410c131 117074 
libflickcurl-dev_1.26-1_amd64.deb
 f4185bf0281becb9fa3febb4575064a7fea12836 596056 
libflickcurl0-dbg_1.26-1_amd64.deb
 56e531babb7a8c8a096c5422e122d985c5dc81d0 175404 libflickcurl0_1.26-1_amd64.deb
Checksums-Sha256:
 88b7eabda97e5a8d012fad5a72c936ef89b4a0a8e53dac2f4db5447c4661bb7b 2157 
flickcurl_1.26-1.dsc
 ff42a36c7c1c7d368246f6bc9b7d792ed298348e5f0f5d432e49f6803562f5a3 1870073 
flickcurl_1.26.orig.tar.gz
 137d36db6b724f2e8755a6e5e1191a71699ce0178b5ec217bfa079c48b2e6ef7 4828 
flickcurl_1.26-1.debian.tar.xz
 a140082b8411d49ff567193d4aa9342d20f124dc3c6e790a1d8474d019757d81 696144 
flickcurl-doc_1.26-1_all.deb
 b50ecc1901c3bc150910cf3a128e181ab208a0253eb2d21eca47d17355073dd5 147620 
flickcurl-utils_1.26-1_amd64.deb
 a2c1f99c5618609fafddf5e387958c128711777545f570b7d2e657d042bf13a8 6532 
flickcurl_1.26-1_amd64.buildinfo
 cc0ebc5efd3248d3a05e9886ed2bb52744f04185f6b5c1a8a729b0377270207e 117074 
libflickcurl-dev_1.26-1_amd64.deb
 0a826fa53e785b0cdf51e00e144920b7de280a291c2b11a60046a32cab8c0f61 596056 
libflickcurl0-dbg_1.26-1_amd64.deb
 f9c99cd8527194f5aa5146981b09048a5840dcf437de7f28c6fb976fdadc90d1 175404 
libflickcurl0_1.26-1_amd64.deb
Files:
 445e910ffcbb4ab5293d335ccc6995ef 2157 libs optional flickcurl_1.26-1.dsc
 7013a36656400dac398748a374c9104f 1870073 libs optional 
flickcurl_1.26.orig.tar.gz
 b38a1a18df2a3fd25f6c594585519bda 4828 libs optional 
flickcurl_1.26-1.debian.tar.xz
 deadcd07f32ecfe4a89f6c10de2c61ae 696144 doc optional 
flickcurl-doc_1.26-1_all.deb
 e05b2221debee2845135922f52c8a291 147620 utils optional 
flickcurl-utils_1.26-1_amd64.deb
 2412bb2ee7b9a043bfeb24687c1ff5f0 6532 libs optional 
flickcurl_1.26-1_amd64.buildinfo
 016abfdef6a6a6c74891c19fcff2aa3b 117074 libdevel optional 
libflickcurl-dev_1.26-1_amd64.deb
 3859c966be7eea233b36e6d8552591b4 596056 debug extra 
libflickcurl0-dbg_1.26-1_amd64.deb
 82df0eb6d7879d0363dcc1ab889bb0bd 175404 libs optional 
libflickcurl0_1.26-1_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJYdPAJAAoJEHqPSei2NIC+sxkP/0nCcWw+59uGr1Wysax534Jb
xVGXHBj2x8lWyTbsTOeItAo6U6979I/0cWPSgPLZz2nCVvnsp+AXWbrCXgyeRArh
psDzHAnnZG0od72oeif11sJdlBvzhf3nwE6jjKeQJsX1ybI9i+5gROyXmw+tolU8
Rfo9kB94HWG5OjVpLmGsB52Ui4DD7yYwXMUpXgrBmxBq1z1oKuzRQpvxMwJai/Hy
HlnC+EoL3Wc3sncbH3ZxWb4CBuwkBvxPrVKgxXBgYeHZGHZ25n1fe00Xn+FOPZKg
kl+b8uasZMEZiq3gkcMerdgkMzR+VJt1XxBrorkFF2AZCWoC/1j57FT2+AF30VCb
rozUXAdgbSDTe2SLM2fhvh+zDV2L5Kqf9XVIVK/OiVCjf0pyOTKYzZ/0PbKjMc8d
DuT9E2YgitXdLXNSbPnmdfYZyG9UxyNgve2pySxNjUPu/nOcULf/dsoB2Q/9DgQ4
pFEydi23snfBHSvuWy7dky6mwGouZr6IQT1zN4gGQgU/T3B7E8QIyn1d7d+tG7mP
fKKnFyBhb+6Ug8WUKTmgvSky3Tmx58gRjRpLf8DVl9O0ATzx2GuKwkG9R8/WdLQR
Ys2tjfatIVovwLhSCXVbjUSqX4cpHu3M3tQkrJ/jfUuFTTxkPN1fneH2KWZiCTH1
0BrotQhqieOKRp/5TxqO
=Zr9p
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to