Your message dated Fri, 30 Jun 2017 21:21:07 +0000
with message-id <[email protected]>
and subject line Bug#864664: fixed in libquicktime 2:1.2.4-11
has caused the Debian Bug report #864664,
regarding CVE-2017-9122 CVE-2017-9123 CVE-2017-9124 CVE-2017-9125 CVE-2017-9126
CVE-2017-9127 CVE-2017-9128
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
864664: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864664
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: libquicktime
Severity: grave
Tags: security
Please see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9122
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9123
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9124
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9125
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9126
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9127
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9128
Cheers,
Moritz
--- End Message ---
--- Begin Message ---
Source: libquicktime
Source-Version: 2:1.2.4-11
We believe that the bug you reported is fixed in the latest version of
libquicktime, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Reinhard Tartler <[email protected]> (supplier of updated libquicktime
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Fri, 30 Jun 2017 16:16:24 -0400
Source: libquicktime
Binary: libquicktime2 libquicktime-dev libquicktime-doc quicktime-utils
quicktime-x11utils
Architecture: source
Version: 2:1.2.4-11
Distribution: unstable
Urgency: medium
Maintainer: Debian Multimedia Maintainers
<[email protected]>
Changed-By: Reinhard Tartler <[email protected]>
Description:
libquicktime-dev - library for reading and writing Quicktime files
(development)
libquicktime-doc - library for reading and writing Quicktime files
(documentation)
libquicktime2 - library for reading and writing Quicktime files
quicktime-utils - library for reading and writing Quicktime files (utilities)
quicktime-x11utils - library for reading and writing Quicktime files (x11
utilities)
Closes: 864664
Changes:
libquicktime (2:1.2.4-11) unstable; urgency=medium
.
* Cherry pick security patches from upstream (Closes: #864664)
- CVE-2017-9122
- CVE-2017-9123
- CVE-2017-9124
- CVE-2017-9125
- CVE-2017-9126
- CVE-2017-9127
- CVE-2017-9128
Checksums-Sha1:
1e595a94c749f00b82fa6fe9d7638f5a83432012 2700 libquicktime_1.2.4-11.dsc
34e65a46e47c5e55be8cc776f36c6e7b8c226844 22644
libquicktime_1.2.4-11.debian.tar.xz
Checksums-Sha256:
c62105c754253b0eb232f7e8a726a44ed3b9b0b401987d2a7c1f178e76eb1cde 2700
libquicktime_1.2.4-11.dsc
3f655fdab37fcad2d2e7d20672ff8bad6eec64a9d5a7dc702c79082346ba878b 22644
libquicktime_1.2.4-11.debian.tar.xz
Files:
f3f8179f9d66914f243e49a02b84b326 2700 devel optional libquicktime_1.2.4-11.dsc
f202c9df441e3305ecbc4d07efcd67ac 22644 devel optional
libquicktime_1.2.4-11.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEE6n5rckvJ+/LRcetya3IL6cXPbZ4FAllWuzAACgkQa3IL6cXP
bZ7KlQ/9EdBa/wdBIRFlysafv6CoFyl5MTSS0e6VVyHqUcgyClbkSUs6BIenAuav
WblABB8x6FrdfvfD9oXMEON9zfNYiM27a9izmEbLmNDCZ/K7nx6kqi7v9qc3x3gr
IVIOWGqg/GZ1hiurbtAEfA0n1XV1o868i7FQ3hNYbAVxR1AGXfqYiqQ6xvTkzcd5
s6KVqlGAGtzZO7dbDXa2k6N2p+oNRG6A+3HT2BbkgvKJjG2U6xWi/Z3GJ+TVP5GF
AmyWNAJu/adBu0hRzVy7lQmVEX7TENJVA6ZOVcdZISfv6W//o4L9XiCSzcoIwAYl
YXi3EbdpUoZnVw7HukiO2Za+GvyMrWgYBoVFrXEuEAwi75BVsgY+lN/i+OS3VH5B
P7QAkJo9qdhE4HuRc7oPa2hZuKDhooLGuEvZCFLzExt9slhDpOG8PU5hvpm50Ie7
uofyaBwrFVoDSEOCKAHnBhrQs3xJGpuH7ZKuGLbddkR2NSE7HbSwssCNXHQGoDNE
CN0pT3Iz1aIhjRUspADkpfeBSmlhwWahXuCD0fdZPzeh3KGkOj7Q+Xvt+U5RlkRQ
dlpl0XXeASW3C+mmwEcq0PxSKer6Ue6UNHFzatvGdKwOnqjwlM+4LUDNP38oA0AW
mDi7YsW3d7vD2uTilVSD0ToON7W5jdlk8C14WKWRcn5HW1cfgzc=
=nwnw
-----END PGP SIGNATURE-----
--- End Message ---