Your message dated Tue, 30 Jun 2026 18:17:27 +0000
with message-id <[email protected]>
and subject line Bug#1140003: fixed in openslide 3.4.1+dfsg-6+deb12u1
has caused the Debian Bug report #1140003,
regarding openslide: CVE-2026-48977
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1140003: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1140003
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: openslide
Version: 3.4.1+dfsg-7
Severity: grave
Tags: security upstream
X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>
Hi,
The following vulnerability was published for openslide.
CVE-2026-48977[0]:
| Arbitrary memory write with crafted Ventana BIF file
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2026-48977
https://www.cve.org/CVERecord?id=CVE-2026-48977
[1]
https://github.com/openslide/openslide/security/advisories/GHSA-mxg2-48g7-fmwc
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: openslide
Source-Version: 3.4.1+dfsg-6+deb12u1
Done: Étienne Mollier <[email protected]>
We believe that the bug you reported is fixed in the latest version of
openslide, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Étienne Mollier <[email protected]> (supplier of updated openslide package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 14 Jun 2026 19:52:57 +0200
Source: openslide
Architecture: source
Version: 3.4.1+dfsg-6+deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: Debian Med Packaging Team
<[email protected]>
Changed-By: Étienne Mollier <[email protected]>
Closes: 1140003
Changes:
openslide (3.4.1+dfsg-6+deb12u1) bookworm; urgency=medium
.
* Team upload.
* CVE-2026-48977.patch: new: fix CVE-2026-48977.
The change lacks attempt to apply the test case, because the binary
representation of a newly introduced test file is not possible in the
patch. (Closes: #1140003)
Checksums-Sha1:
bb20f4b32617d05055ffb783e819fddf02d6e897 2715
openslide_3.4.1+dfsg-6+deb12u1.dsc
184f0d838630e35bae1d7ca9ae47a41c62a7c0d9 20268
openslide_3.4.1+dfsg-6+deb12u1.debian.tar.xz
Checksums-Sha256:
7894705709a2f881c57ed4a7b3a61597c06856be66d18b348e897801b14baba0 2715
openslide_3.4.1+dfsg-6+deb12u1.dsc
65932795fcae6d8e5eda6bba1d06fc8b84fc7efc7e8633fe26752e891d38e015 20268
openslide_3.4.1+dfsg-6+deb12u1.debian.tar.xz
Files:
800891979a0ebfa355a929deaff72660 2715 libs optional
openslide_3.4.1+dfsg-6+deb12u1.dsc
2b68b63f2fa3b334f8f01234cfb28da1 20268 libs optional
openslide_3.4.1+dfsg-6+deb12u1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQJIBAEBCgAyFiEEj5GyJ8fW8rGUjII2eTz2fo8NEdoFAmpDYBcUHGVtb2xsaWVy
QGRlYmlhbi5vcmcACgkQeTz2fo8NEdrECA//fMOonCmrKCdi72sVR/LEhwQyXy4t
4jL8i5YtXZaSZybzm1+jwSlSNmetW2k63giuLd3cZMdMMZirAYe792oAIYZV0HqK
ZRcktxc28PbBPf2FePIT9owSA8yB/uoh3fpvmVwtdbn2ff9OwNjC03D/pCaCXMhZ
0RMcz39r+XBxW7kssg32XG4XuRniuDmkH0fxF7IV648gTl9tQDUNGPV+0F6Rq9vF
KtHTubvcticWZJVQQhshGKy554bQxDpqmlIa4MrLx6TQvTBzkn5MKKhFU7VTgMM1
rXQAOcdnoHO0zLL+50iPeOpcPe0KcmmlmdJXKFjJNPsD8k/gDlrei30AC7Nep7XD
2B2zCENyUNle2PYoVmufbutqCtPzkgyX/TW2nuSHMqK8Ulp3XNxxwG5DzSpK+KUi
9kph8yCZvTbKgqCpdfI1AcZUxR6LnAhGvdPNcqhurlaHQj5XNF2eL8De7YAfy0Qy
Gx6hfL1pBkF/CQ0O1LDlyEUVIvfYrkRLW3mxiYkXBC7SqjTZSceuUd3cJc42GWmS
pAu1dq2coDN3pa3XSQFCEF1T9RNdgC4erhsQ8/kqStfFhx4EIXSVxUNkbEpSlUyM
pN3o3oxh1L8bUGpR4YzQ9ErZZyQW5syYL3huR7R69ttbVK8LThA35L/NEi8ykvJf
mEdG/xiksGIsBHk=
=kmRF
-----END PGP SIGNATURE-----
pgp1hOf14Zizm.pgp
Description: PGP signature
--- End Message ---