Your message dated Sat, 17 Jan 2026 14:10:11 +0000
with message-id <[email protected]>
and subject line Bug#1124797: fixed in libmatio 1.5.30-1
has caused the Debian Bug report #1124797,
regarding libmatio: CVE-2025-50343
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1124797: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1124797
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: libmatio
Version: 1.5.29-1
Severity: important
Tags: security upstream
Forwarded: https://github.com/tbeu/matio/issues/275
X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>
Hi,
The following vulnerability was published for libmatio.
CVE-2025-50343[0]:
| An issue was discovered in matio 1.5.28. A heap-based memory
| corruption can occur in Mat_VarCreateStruct() when the nfields value
| does not match the actual number of strings in the fields array.
| This leads to out-of-bounds reads and invalid memory frees during
| cleanup, potentially causing a segmentation fault or heap
| corruption.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2025-50343
https://www.cve.org/CVERecord?id=CVE-2025-50343
[1] https://github.com/tbeu/matio/issues/275
[2]
https://github.com/tbeu/matio/commit/41b505410dafaa236b61b52c7910d4c4831404f2
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: libmatio
Source-Version: 1.5.30-1
Done: Sébastien Villemot <[email protected]>
We believe that the bug you reported is fixed in the latest version of
libmatio, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Sébastien Villemot <[email protected]> (supplier of updated libmatio package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 16 Jan 2026 16:14:18 +0100
Source: libmatio
Binary: libmatio-dev libmatio-doc libmatio14 libmatio14-dbgsym matio-tools
matio-tools-dbgsym
Architecture: source amd64 all
Version: 1.5.30-1
Distribution: experimental
Urgency: medium
Maintainer: Debian Science Maintainers
<[email protected]>
Changed-By: Sébastien Villemot <[email protected]>
Description:
libmatio-dev - MATLAB MAT File I/O Library - development files
libmatio-doc - MATLAB MAT File I/O Library - documentation files
libmatio14 - MATLAB MAT File I/O Library - shared library
matio-tools - MATLAB MAT File I/O Library - command-line tools
Closes: 1124797
Changes:
libmatio (1.5.30-1) experimental; urgency=medium
.
* New upstream version 1.5.30
Deprecates usage of Mat_VarCreateStruct in favor of newly added
Mat_VarCreateStruct2 (CVE-2025-50343) (Closes: #1124797)
* SOVERSION bump 13 → 14
* d/copyright: reflect upstream changes
* Drop “Priority: optional”, since it is now the default
* Bump Standards-Version to 4.7.3
Checksums-Sha1:
303ff62d5bb4a1e0289c61577b69dc62502d1904 2167 libmatio_1.5.30-1.dsc
2860cb49038587945d390fe968d8a5e076b38e63 10185955 libmatio_1.5.30.orig.tar.gz
4d808dfca959e12d96c71c1397912714f8f39196 8592 libmatio_1.5.30-1.debian.tar.xz
e053f1f87391bfc447aa941754356cf04cac110d 120312 libmatio-dev_1.5.30-1_amd64.deb
4ca42da98c78242e050594353eabe243349cbfb4 226432 libmatio-doc_1.5.30-1_all.deb
6ecf638e6548d612013f01afb92c4e5836d8229b 504324
libmatio14-dbgsym_1.5.30-1_amd64.deb
1ba3889e1bcfa75b0e00843eaa4e92265d72fd72 119468 libmatio14_1.5.30-1_amd64.deb
7f748203cec01ff38cc2a126c39b285d231bafe8 11507
libmatio_1.5.30-1_amd64.buildinfo
114977d24d6445a2fa3424b188b4df7276275eaf 22388
matio-tools-dbgsym_1.5.30-1_amd64.deb
5e666a1494c4e007abaf60a0c845c01cbdf368f9 13964 matio-tools_1.5.30-1_amd64.deb
Checksums-Sha256:
0e2e67acb5b8d59004f2ee33524e3322024e0f584d50b6d34e802993572207b9 2167
libmatio_1.5.30-1.dsc
8bd3b9477042ecc00dd71c04762fa58468e14cccc32fd8c6826c2da1e8bc3107 10185955
libmatio_1.5.30.orig.tar.gz
f0bfed5007412501dcfb1ff2b31d4f19bd5c6f5f07d2e28eea5f875c1acaa008 8592
libmatio_1.5.30-1.debian.tar.xz
48994a3ac7bf69fc55aba32364a097f24a72c77a1bae256287254046d71db551 120312
libmatio-dev_1.5.30-1_amd64.deb
ddeaf11a1d25156c153243fd4f7aa2fe096472b385d5056f273687e06dfd7418 226432
libmatio-doc_1.5.30-1_all.deb
d6a20b6886f7f9f50dc02d6ed79b080d187efad1433dd5f9ed189d01a70ac291 504324
libmatio14-dbgsym_1.5.30-1_amd64.deb
2198e08672fd03c61ee8a70970a6f6bf5ee815d104d56ed7809f5b5eba939e2f 119468
libmatio14_1.5.30-1_amd64.deb
fc8b782346930b7ddc2e71f5688f7cfd72792946e580830257863ed947adcff3 11507
libmatio_1.5.30-1_amd64.buildinfo
31c6bdf6c618172c0e20adc8bcde588a4854b0310032ac1bc8ae581cefd7485c 22388
matio-tools-dbgsym_1.5.30-1_amd64.deb
5969c3a9b473bd158d66a3b1931af2616769495598f98a1562aec0027044327a 13964
matio-tools_1.5.30-1_amd64.deb
Files:
64a854ba0c6fc29b1a8a8c11af7f0627 2167 libs optional libmatio_1.5.30-1.dsc
47c8a541f8555e68715c79c84871af5f 10185955 libs optional
libmatio_1.5.30.orig.tar.gz
97b08c12fcbec0a6e0ec2cfce8128255 8592 libs optional
libmatio_1.5.30-1.debian.tar.xz
dfcae451256fff13b3a28e74384ca0bf 120312 libdevel optional
libmatio-dev_1.5.30-1_amd64.deb
a7e6ddaf83e5c58087ffda49d473d79b 226432 doc optional
libmatio-doc_1.5.30-1_all.deb
dcc253d92ad9f1e2d51aedfb50fd725c 504324 debug optional
libmatio14-dbgsym_1.5.30-1_amd64.deb
6f4690d769e2a8abdd3f62c68d017555 119468 libs optional
libmatio14_1.5.30-1_amd64.deb
d5461ceeff3fd48d6b834e87a20cab31 11507 libs optional
libmatio_1.5.30-1_amd64.buildinfo
fd93298996b45f0d12dd45c6f0fd5b74 22388 debug optional
matio-tools-dbgsym_1.5.30-1_amd64.deb
29380cf87714ad9232762a15af98f00e 13964 math optional
matio-tools_1.5.30-1_amd64.deb
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEU5UdlScuDFuCvoxKLOzpNQ7OvkoFAmlqV+UACgkQLOzpNQ7O
vkrgSw/8CdDF2UwMyoGlkPXwXq4zGPMXJ9Cv9SMJcysBnaf51VeP1wtKpYrGgR6D
iT91lreJ98wxaiX4sP6fBiwaZK+ntAtM+AL1E4jTy0iAteU8jTJZYwcyrTfNRlNG
O3zx9GhImIweNkbZxynkmrh6C3q31uEXwt0zPQX6vOXIWC3o58Q3vw6GlPfOXN91
8dfoPf7aPkX/rKablCasW/2TqdAvBatRWDHuCUJEuGGfLxMPJPiHPJfNVBB81qwY
6spETaoKy0l8PWeAGAJtkRcEp+BZSr76/Xfu6MLFHSiDhiKQs6jhcYRweuED2rC4
GtgeTfAt24gwGEBoHFcL/LZwFk4mrIBS3ku8VayODzGmWVT4QelGpqf4MWrvGy7e
X4q770eS+JhIxxpZPlubrIxO89ozIMqEDARRebSmu6GTnO0ryTEKhboNvTjoqRzI
HJkxis586J194c1cBy+uNDTDROEN2iApyoXF1bMpmD9+tMLbVEE3sffnpau3EJgf
YhRGeaf6QADxPYSEql9KAkc3RDzMRdEq3mOBPWIbZUm81DQroj5Yu1C6ciHuHTYf
RUIebnXE62YN1jyhxUzebieF+CQ8IvuGjxvAaGKaQIOtKpzLvgKhhf1erVeIgyTw
COSR5OK/PHrBiGiebm1sh4q7+Rzs7L20nXE1i1hFxoNc+t9buaU=
=STYV
-----END PGP SIGNATURE-----
pgpZDp2vt7FTp.pgp
Description: PGP signature
--- End Message ---
--
debian-science-maintainers mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-science-maintainers
