Bug#913963: marked as done (libbson: CVE-2018-16790: heap-based buffer over-read via a crafted bson buffer)

Sun, 25 Nov 2018 05:37:04 -0800 

Your message dated Sun, 25 Nov 2018 13:34:29 +0000
with message-id <[email protected]>
and subject line Bug#913963: fixed in mongo-c-driver 1.13.0-1
has caused the Debian Bug report #913963,
regarding libbson: CVE-2018-16790: heap-based buffer over-read via a crafted 
bson buffer
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
913963: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913963
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Source: libbson
Severity: grave
Tags: security

Please see https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16790

Cheers,
        Moritz

--- End Message ---
--- Begin Message --- 
Source: mongo-c-driver
Source-Version: 1.13.0-1

We believe that the bug you reported is fixed in the latest version of
mongo-c-driver, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Roberto C. Sanchez <[email protected]> (supplier of updated mongo-c-driver 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 24 Nov 2018 15:01:25 -0500
Source: mongo-c-driver
Binary: libmongoc-dev libmongoc-1.0-0 libmongoc-doc libbson-dev libbson-1.0-0 
libbson-doc
Architecture: source
Version: 1.13.0-1
Distribution: unstable
Urgency: medium
Maintainer: Mongo C Driver Team <[email protected]>
Changed-By: Roberto C. Sanchez <[email protected]>
Description:
 libbson-1.0-0 - Library to parse and generate BSON documents - runtime files
 libbson-dev - Library to parse and generate BSON documents - dev files
 libbson-doc - Library to parse and generate BSON documents - documentation
 libmongoc-1.0-0 - MongoDB C client library - runtime files
 libmongoc-dev - MongoDB C client library - dev files
 libmongoc-doc - MongoDB C client library - documentation
Closes: 913963
Changes:
 mongo-c-driver (1.13.0-1) unstable; urgency=medium
 .
   * New upstream release (Closes: #913963)
   * Update maintainer to team address
   * Update to Standards-Version 4.2.1 (no changes)
Checksums-Sha1:
 a9a393e4ef659f8098f7c6198b83845604fe5397 2514 mongo-c-driver_1.13.0-1.dsc
 7f1ed2e2d40dac0d5c4137d8f48151207d8b4b4e 5168399 
mongo-c-driver_1.13.0.orig.tar.gz
 ed034b12e7c68ee1a8908a45c39269f0d4b6ea46 12368 
mongo-c-driver_1.13.0-1.debian.tar.xz
 1c7fe1c807a23b7fb45f01258b75f8f17a1976cc 10805 
mongo-c-driver_1.13.0-1_amd64.buildinfo
Checksums-Sha256:
 90c3c7398fb90d137a74c238e0bb8a22bf327df92b01a2c8f57d2eaf1d5c9092 2514 
mongo-c-driver_1.13.0-1.dsc
 81d2c325bd50f98e2fe7a8bb21c9975c5e105c1a197ed817ad28fc8cd3cb0fb5 5168399 
mongo-c-driver_1.13.0.orig.tar.gz
 f474e4ecb7af676e5b8327d65b6680ae621de06a91479cbac4ee8e7a65c9acf9 12368 
mongo-c-driver_1.13.0-1.debian.tar.xz
 286bbde236757e66cbcb988c5d806b335cc9b493d0fc972529fef56416219f1d 10805 
mongo-c-driver_1.13.0-1_amd64.buildinfo
Files:
 829552f88549ad53de1fa87f5787a000 2514 libs optional mongo-c-driver_1.13.0-1.dsc
 056ed35d40315c96745c83635de89803 5168399 libs optional 
mongo-c-driver_1.13.0.orig.tar.gz
 c2ee69f44ea75f721a9f5bba2c49a4c5 12368 libs optional 
mongo-c-driver_1.13.0-1.debian.tar.xz
 0fcb81d827d36357633b880a1c21a580 10805 libs optional 
mongo-c-driver_1.13.0-1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEz9ERzDttUsU/BH8iLNd4Xt2nsg8FAlv6oiAACgkQLNd4Xt2n
sg9yBRAAkzI240LmRRvum7i2UE4lSIcFqicNVQ/M/zqL57QjlHnqPsZajZY+fzwk
126wgaaX7OcIt07LPtHxef98COx8yCmytfH32MwSaRkNVa9WRKXNzhRaak2EmrwL
U0S3fpINeKhgwz837vEh4hN0Gkf/tGB/SOgMlYTCFfVcTuLJNF/O9+/g56p47X2H
4zvakwUHbqo1MiVaFWhov5tU5kKVuhsGOxUffUFkROLafHE2i4tyzEnVPcoMlHPK
/b7f1Pq5hhizC672s7LP5LkAJdJDeTtTgtDgR5YcZKFyNxm8UzPTxJJx+cw/QWpH
0JFEvSIwHu9pQISw+eYg8OpOr/jOgeadLAnAF1l+a7p6lhNIphZKHrAIDlmcdswu
V6Py9LlQY2bJ47L35ARDlCJt57F2InYSVX62fo6xp6bdDzdIFQ9kMCfc7bmN4i38
2gjEeyhV2Cb35z3IIXZrT1QnOv3/pR1M7KyYI2zCgOazfS5afBAvupjEmedZ55T5
Rm4ZHXGaGpPuLa4FQa2M20+pf32nR4M313rGp6dQnVxnpmDBZnDW/5dlpYh8kUUx
ZbnDl4xDAm83TgX4Elo3k8V9V2bPattYOT6rwsMTgQI683g47IojfbgT6HGl5gx5
7i+BKGMkXEiGiyr9/6fXMatoX5yVEs1TyKs0ZN4O7pyc806WoHc=
=n44A
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to