Your message dated Mon, 25 Mar 2024 21:14:34 +0000
with message-id <[email protected]>
and subject line Bug#1060407: fixed in gtkwave 3.3.118-0.1
has caused the Debian Bug report #1060407,
regarding Multiple security issues
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
1060407: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060407
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: gtkwave
Version: 3.3.116-1
Severity: grave
Tags: security
X-Debbugs-Cc: Debian Security Team <[email protected]>

A very thorough security audit of gtkwave unveiled a total of 82 security
issues in gtkwave, all fixed in 3.3.118:

CVE-2023-32650 CVE-2023-34087 CVE-2023-34436 CVE-2023-35004
CVE-2023-35057 CVE-2023-35128 CVE-2023-35702 CVE-2023-35703
CVE-2023-35704 CVE-2023-35955 CVE-2023-35956 CVE-2023-35957
CVE-2023-35958 CVE-2023-35959 CVE-2023-35960 CVE-2023-35961
CVE-2023-35962 CVE-2023-35963 CVE-2023-35964 CVE-2023-35969
CVE-2023-35970 CVE-2023-35989 CVE-2023-35992 CVE-2023-35994
CVE-2023-35995 CVE-2023-35996 CVE-2023-35997 CVE-2023-36746
CVE-2023-36747 CVE-2023-36861 CVE-2023-36864 CVE-2023-36915
CVE-2023-36916 CVE-2023-37282 CVE-2023-37416 CVE-2023-37417
CVE-2023-37418 CVE-2023-37419 CVE-2023-37420 CVE-2023-37442
CVE-2023-37443 CVE-2023-37444 CVE-2023-37445 CVE-2023-37446
CVE-2023-37447 CVE-2023-37573 CVE-2023-37574 CVE-2023-37575
CVE-2023-37576 CVE-2023-37577 CVE-2023-37578 CVE-2023-37921
CVE-2023-37922 CVE-2023-37923 CVE-2023-38583 CVE-2023-38618
CVE-2023-38619 CVE-2023-38620 CVE-2023-38621 CVE-2023-38622
CVE-2023-38623 CVE-2023-38648 CVE-2023-38649 CVE-2023-38650
CVE-2023-38651 CVE-2023-38652 CVE-2023-38653 CVE-2023-38657
CVE-2023-39234 CVE-2023-39235 CVE-2023-39270 CVE-2023-39271
CVE-2023-39272 CVE-2023-39273 CVE-2023-39274 CVE-2023-39275
CVE-2023-39316 CVE-2023-39317 CVE-2023-39413 CVE-2023-39414
CVE-2023-39443 CVE-2023-39444

Let's first fix unstable and then we can simple build 3.3.118
for stable-security and oldstable-security as well.

Full details in these advisories from TALOS:
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1777
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1783
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1785
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1786
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1789
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1790
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1791
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1792
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1793
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1797
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1798
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1803
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1804
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1805
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1806
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1807
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1810
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1811
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1812
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1813
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1814
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1815
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1816
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1817
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1818
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1819
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1820
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1821
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1822
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1823
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1824
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1826
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1827

Cheers,
        Moritz

--- End Message ---
--- Begin Message ---
Source: gtkwave
Source-Version: 3.3.118-0.1
Done: Adrian Bunk <[email protected]>

We believe that the bug you reported is fixed in the latest version of
gtkwave, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Adrian Bunk <[email protected]> (supplier of updated gtkwave package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 23 Mar 2024 21:54:30 +0200
Source: gtkwave
Architecture: source
Version: 3.3.118-0.1
Distribution: unstable
Urgency: high
Maintainer: Debian Electronics Team 
<[email protected]>
Changed-By: Adrian Bunk <[email protected]>
Closes: 1060407
Changes:
 gtkwave (3.3.118-0.1) unstable; urgency=high
 .
   * Non-maintainer upload.
   * New upstream release.
     - Fixes multiple vulnerabilities:
       CVE-2023-32650, CVE-2023-34087, CVE-2023-34436, CVE-2023-35004,
       CVE-2023-35057, CVE-2023-35128, CVE-2023-35702, CVE-2023-35703,
       CVE-2023-35704, CVE-2023-35955, CVE-2023-35956, CVE-2023-35957,
       CVE-2023-35958, CVE-2023-35959, CVE-2023-35960, CVE-2023-35961,
       CVE-2023-35962, CVE-2023-35963, CVE-2023-35964, CVE-2023-35969,
       CVE-2023-35970, CVE-2023-35989, CVE-2023-35992, CVE-2023-35994,
       CVE-2023-35995, CVE-2023-35996, CVE-2023-35997, CVE-2023-36746,
       CVE-2023-36747, CVE-2023-36861, CVE-2023-36864, CVE-2023-36915,
       CVE-2023-36916, CVE-2023-37282, CVE-2023-37416, CVE-2023-37417,
       CVE-2023-37418, CVE-2023-37419, CVE-2023-37420, CVE-2023-37442,
       CVE-2023-37443, CVE-2023-37444, CVE-2023-37445, CVE-2023-37446,
       CVE-2023-37447, CVE-2023-37573, CVE-2023-37574, CVE-2023-37575,
       CVE-2023-37576, CVE-2023-37577, CVE-2023-37578, CVE-2023-37921,
       CVE-2023-37922, CVE-2023-37923, CVE-2023-38583, CVE-2023-38618,
       CVE-2023-38619, CVE-2023-38620, CVE-2023-38621, CVE-2023-38622,
       CVE-2023-38623, CVE-2023-38648, CVE-2023-38649, CVE-2023-38650,
       CVE-2023-38651, CVE-2023-38652, CVE-2023-38653, CVE-2023-38657,
       CVE-2023-39234, CVE-2023-39235, CVE-2023-39270, CVE-2023-39271,
       CVE-2023-39272, CVE-2023-39273, CVE-2023-39274, CVE-2023-39275,
       CVE-2023-39316, CVE-2023-39317, CVE-2023-39413, CVE-2023-39414,
       CVE-2023-39443, CVE-2023-39444
       (Closes: #1060407)
Checksums-Sha1:
 13eb36fd73b550495699791165d99df832ed8a4c 2116 gtkwave_3.3.118-0.1.dsc
 b09261fab198fdd29a67011a55f5d8901a9cb2d7 3330206 gtkwave_3.3.118.orig.tar.gz
 af401a027b01eb1405b7b4f016947cb0dfd9a9e6 9168 gtkwave_3.3.118-0.1.debian.tar.xz
Checksums-Sha256:
 31b7229b5caccc9c28f6bb18c474a893c8fd672256f4ac42e16a99a565840544 2116 
gtkwave_3.3.118-0.1.dsc
 0f4330c028a2ab3d2f4d4ceeaf6db6925db010c4b6fd52d11022d0e5dea0486a 3330206 
gtkwave_3.3.118.orig.tar.gz
 356d773b984bb25e304eab5761dbb48c58e98ccd17ed8114e9ffac0e210bd53c 9168 
gtkwave_3.3.118-0.1.debian.tar.xz
Files:
 07cd77d03abb9b73bcfefc499b25275b 2116 electronics optional 
gtkwave_3.3.118-0.1.dsc
 3a1281bce5fd56e43585773ab07bfd2b 3330206 electronics optional 
gtkwave_3.3.118.orig.tar.gz
 92cbdd261bc356d56eca9879dcf2c2b7 9168 electronics optional 
gtkwave_3.3.118-0.1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmX/RJUACgkQiNJCh6LY
mLHdyg/+NGzHxPyuv6cHksUcz97vAGzGBDDrWOSiZQv0sCvIGAI7Z3l43nVyjAUq
o+SmQ2SZn19MFUNN3befUxMl973v4Tde1i7P01eL1RZqp11+8uJDWipvWzYb13jE
Wg5rBF/kQTlWisyv8B3SWAqTKoT8YFnVXV0VxG8Y02+iyZyVvr+euhTsWT5BHET5
FTGvv0D6zQ83aEuDQwSZJb2vGBCM/qZrXeA6vb+rYJIkefGqtfNQVkE/bvtGAtco
LmaUcxTArhlbg4QfJfL/BSRDR8dccH0Ja9LpNRPLltCa/IpnKE/DbLiwRRwztPkb
6h5jPeWhuHguUuTq+MRu9JtW4LnHK6r90TuIKgRh5h9kYjDn3Mks3N5vQlGweeR4
cVCFVbAeEee5cmafKQBRlhmpnT3IYjzttG7IzNJSSezJgIM9sV65eSg0KzLuF9k5
Pz+4yQWzsxapezVhX4bVNzGjZkjImULDAXeuiu9GgxVAiOedcDnUFYqeOganQhfX
bTFKYYYnCb6dvCWT16M3M6o9nCGBPgRdRhQqS3wBOjU2IZR5/wwIpB/9q/TrYPjQ
6uWZ4LFNz1qFcXpEzyYSxzfnTpc+AZd1JLztj/qfVSqyWqfQ15h8LIFb0ywkkwVV
cxxZBksJ2EN7BStZCeGmBEjw3Z9TmVUUU0AOyH1TqBrRDEBAG6k=
=cNSL
-----END PGP SIGNATURE-----

Attachment: pgpXpysCEzyHD.pgp
Description: PGP signature


--- End Message ---

Reply via email to