Your message dated Mon, 15 Apr 2019 10:47:09 +0000
with message-id <[email protected]>
and subject line Bug#902190: fixed in vcftools 0.1.14+dfsg-4+deb9u1
has caused the Debian Bug report #902190,
regarding vcftools: CVE-2018-11099 CVE-2018-11129 CVE-2018-11130
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
902190: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902190
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: vcftools
Severity: grave
Tags: security
Please see
http://seclists.org/fulldisclosure/2018/May/43
https://github.com/vcftools/vcftools/issues/109
Cheers,
Moritz
--- End Message ---
--- Begin Message ---
Source: vcftools
Source-Version: 0.1.14+dfsg-4+deb9u1
We believe that the bug you reported is fixed in the latest version of
vcftools, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Dylan Aïssi <[email protected]> (supplier of updated vcftools package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 14 Apr 2019 17:49:29 +0200
Source: vcftools
Binary: vcftools
Architecture: source amd64
Version: 0.1.14+dfsg-4+deb9u1
Distribution: stretch
Urgency: medium
Maintainer: Debian Med Packaging Team
<[email protected]>
Changed-By: Dylan Aïssi <[email protected]>
Description:
vcftools - Collection of tools to work with VCF files
Closes: 902190
Changes:
vcftools (0.1.14+dfsg-4+deb9u1) stretch; urgency=medium
.
* Team upload.
* Add patch from upstream to fix CVE-2018-11099, CVE-2018-11129 and
CVE-2018-11130 (Closes: #902190).
Checksums-Sha1:
8410efd82e41095df57f48bcd70076b01bd076ec 2164 vcftools_0.1.14+dfsg-4+deb9u1.dsc
d9923c50cb32cbca6cde00d89fe4160482be1135 13944
vcftools_0.1.14+dfsg-4+deb9u1.debian.tar.xz
4f34095dc8b447756d54447daac0f35ef7eff97b 3563928
vcftools-dbgsym_0.1.14+dfsg-4+deb9u1_amd64.deb
fa91ac7374e5095c8ff4627e32ba5f0279a0376e 6202
vcftools_0.1.14+dfsg-4+deb9u1_amd64.buildinfo
82faa26d930f473a5629cd075eae0223b06fb030 458340
vcftools_0.1.14+dfsg-4+deb9u1_amd64.deb
Checksums-Sha256:
f7d67d4e9b4702638ec8a41b9f4fc94e201d5aa87abc84ed9fb716baceb349e7 2164
vcftools_0.1.14+dfsg-4+deb9u1.dsc
b56d8f8a575327e8d9d1c3a05d0fab1a21f575830e861bb79e8d9c8562cda5e8 13944
vcftools_0.1.14+dfsg-4+deb9u1.debian.tar.xz
c27f04840f636d95516901cbf30270d2432781a814b8cc1aa83c2ab49b5c6d62 3563928
vcftools-dbgsym_0.1.14+dfsg-4+deb9u1_amd64.deb
3e6945b3d0c9f29a0a0aa99d56dc79b526bf6e2679616c15b67888dcfb253ad3 6202
vcftools_0.1.14+dfsg-4+deb9u1_amd64.buildinfo
9d909c0d0812290af150acbcb753e634d58cee387a7d5ec9a3797f23e10154f4 458340
vcftools_0.1.14+dfsg-4+deb9u1_amd64.deb
Files:
726013a576f8ced8c5ab9bed4e83f348 2164 science optional
vcftools_0.1.14+dfsg-4+deb9u1.dsc
a391764dfe58bc2e90aa0420dc21d7cf 13944 science optional
vcftools_0.1.14+dfsg-4+deb9u1.debian.tar.xz
525f6ffbfa0a2f5f9dff31404c2f0cdd 3563928 debug extra
vcftools-dbgsym_0.1.14+dfsg-4+deb9u1_amd64.deb
de4da243000fa45d1b86bebda2658427 6202 science optional
vcftools_0.1.14+dfsg-4+deb9u1_amd64.buildinfo
b38fec92c799655c04715a409f97cf95 458340 science optional
vcftools_0.1.14+dfsg-4+deb9u1_amd64.deb
-----BEGIN PGP SIGNATURE-----
iQJGBAEBCgAwFiEEmjwHvQbeL0FugTpdYS7xYT4FD1QFAly0JKESHGRhaXNzaUBk
ZWJpYW4ub3JnAAoJEGEu8WE+BQ9UoqEP/1btaWl908xiCQ8dKwtcuUruf+tDfwIG
gZP6SqgpqOBEEkXjgmDDIn1D7hp5IKaZuvgAFYjSTG4+QiQgSSYzDZ9NdLkHn8x/
rLz3wS2ngwbCFTgA11L+LLan5LagLgwWH6KhfWfuOvKtLpqb2o6yT2nqQ3xptweO
wRFYlLhkov326AHfROTzdOO8cJldqfj9CW4KIXLpCnRhsQN8BG02s4frZW7FR8zS
SiyaN8/UJAdUnRQTIk1y5R5OZT8/SdMaT+xMS3ur8fzi8+I+VVKQRi3c5vW3EvaO
62X6K1vgMt9yJcpfeNICTvvhqSFvXqNO+S0j1ndbzVcNqJl8RI1lTv1lYHolIfAQ
DJDm+07sl56g9pzLwQOfmo/EUJX8dMSXF8wv2vw+qVODvhkx8W9Q5HO1G8JLEPb9
cwAvy8yfsZidxB6jWyF5/U6zr/OGvo6+5D0kXNRWSRaAVaSJsjPF6YLRmWBp9u4c
n+bXQES5fek+Gi0IBnUakT29Gyw3kzo8E6OmrPbJuCQeU4aNQX4i4GUk0l8UX+re
HAJqLfkVtKIo6+fXG/nwe2FEtB9C3GAJFWhP8tQ50LUsxbDrcn9TzgJ10VDzdyTP
kKI4xpEDKw+xi37i+HWw1za9lyeJH+mxz/RWrfBBXw1WRwA/3do6JwWRNebWhU14
WXGHfF9ifFPf
=r8EE
-----END PGP SIGNATURE-----
--- End Message ---