Your message dated Fri, 07 Nov 2014 23:17:06 +0000
with message-id <e1xmsma-0008ju...@franck.debian.org>
and subject line Bug#768191: fixed in konversation 1.4-1+deb7u1
has caused the Debian Bug report #768191,
regarding CVE-2014-8483: konversation: out-of-bounds read issue
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
768191: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768191
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: konversation
Version: 1.5-1
Severity: important

Check for invalid input in encrypted buffers

The ECB Blowfish decryption function assumed that encrypted input would
always come in blocks of 12 characters, as specified. However, buggy
clients or annoying people may not adhere to that assumption, causing
the core to crash while trying to process the invalid base64 input.

(Description copied from http://bugs.quassel-irc.org/issues/1314)



-- System Information:
Debian Release: jessie/sid
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'testing'), (500, 'stable'), (110, 
'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages konversation depends on:
ii  kde-runtime        4:4.14.2-1
ii  kdepim-runtime     4:4.14.2-1
ii  konversation-data  1.5-1
ii  libc6              2.19-12
ii  libgcc1            1:4.9.1-19
ii  libkabc4           4:4.14.2-1
ii  libkde3support4    4:4.14.2-3
ii  libkdecore5        4:4.14.2-3
ii  libkdeui5          4:4.14.2-3
ii  libkemoticons4     4:4.14.2-3
ii  libkidletime4      4:4.14.2-3
ii  libkio5            4:4.14.2-3
ii  libknotifyconfig4  4:4.14.2-3
ii  libkparts4         4:4.14.2-3
ii  libkresources4     4:4.14.2-1
ii  libnepomuk4        4:4.14.2-3
ii  libnepomukutils4   4:4.14.2-3
ii  libphonon4         4:4.8.0-3
ii  libqca2            2.0.3-6
ii  libqt4-dbus        4:4.8.6+git64-g5dc8b2b+dfsg-2+b1
ii  libqt4-network     4:4.8.6+git64-g5dc8b2b+dfsg-2+b1
ii  libqt4-qt3support  4:4.8.6+git64-g5dc8b2b+dfsg-2+b1
ii  libqt4-svg         4:4.8.6+git64-g5dc8b2b+dfsg-2+b1
ii  libqt4-xml         4:4.8.6+git64-g5dc8b2b+dfsg-2+b1
ii  libqtcore4         4:4.8.6+git64-g5dc8b2b+dfsg-2+b1
ii  libqtgui4          4:4.8.6+git64-g5dc8b2b+dfsg-2+b1
ii  libsolid4          4:4.14.2-3
ii  libsoprano4        2.9.4+dfsg-1.1
ii  libstdc++6         4.9.1-19
ii  phonon             4:4.8.0-3

konversation recommends no packages.

konversation suggests no packages.

-- no debconf information

--- End Message ---
--- Begin Message ---
Source: konversation
Source-Version: 1.4-1+deb7u1

We believe that the bug you reported is fixed in the latest version of
konversation, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 768...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Salvatore Bonaccorso <car...@debian.org> (supplier of updated konversation 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 05 Nov 2014 11:03:31 -0800
Source: konversation
Binary: konversation konversation-data konversation-dbg
Architecture: source amd64 all
Version: 1.4-1+deb7u1
Distribution: wheezy-security
Urgency: high
Maintainer: Debian KDE Extras Team <pkg-kde-extras@lists.alioth.debian.org>
Changed-By: Salvatore Bonaccorso <car...@debian.org>
Description: 
 konversation - user friendly Internet Relay Chat (IRC) client for KDE
 konversation-data - data files for Konversation
 konversation-dbg - debugging symbols for Konversation
Closes: 768191
Changes: 
 konversation (1.4-1+deb7u1) wheezy-security; urgency=high
 .
   * Backport fix for CVE-2014-8483 in cve-2014-8483.patch
     See https://security-tracker.debian.org/tracker/CVE-2014-8483
     (Closes: #768191)
Checksums-Sha1: 
 10a4b285550334c2130a8af7e99eef5158a71713 2235 konversation_1.4-1+deb7u1.dsc
 90741721f68a02d4345b9006a8ae53bc49ef3777 2902368 konversation_1.4.orig.tar.xz
 8b0250a0c0341804f2921430a143cee8c31b673a 29702 
konversation_1.4-1+deb7u1.debian.tar.gz
 454ba7e206b6268e425017950c30b1dd159f2dc4 1020982 
konversation_1.4-1+deb7u1_amd64.deb
 16bb34c97e0904e21ab697944c079cf2e045de6b 4082470 
konversation-data_1.4-1+deb7u1_all.deb
 6ab517d0ff2f5611b05c85ad1e678377e3d4e97b 309148 
konversation-dbg_1.4-1+deb7u1_amd64.deb
Checksums-Sha256: 
 ed487c535b7e268befee76b6574d226ff1efa9bc72d91523fb81690e3b054582 2235 
konversation_1.4-1+deb7u1.dsc
 db4e605a27dd6012972aa4d2c07cd4736f9e6a68febb41a5d59f3614d6d21b0c 2902368 
konversation_1.4.orig.tar.xz
 1c6ae9493ad039805204f444382b1177727905023eeaf8207e7be9b5e9c65cbf 29702 
konversation_1.4-1+deb7u1.debian.tar.gz
 f8a2751be5fe818b580a80cb1eede56c4d4c424bc297bc3624d12eb33afc65c9 1020982 
konversation_1.4-1+deb7u1_amd64.deb
 f6481597bb256a08e01e39a4fe321d1a8f99fa5196f125eedd6aadef144945f1 4082470 
konversation-data_1.4-1+deb7u1_all.deb
 c4bb8aeebae0a2aa2ea6623ff25bfd38eb19919bc16e64bb52ec4fbcfafcf369 309148 
konversation-dbg_1.4-1+deb7u1_amd64.deb
Files: 
 73bf6e9ec905f91681821c8d7834e897 2235 net optional 
konversation_1.4-1+deb7u1.dsc
 f67271f08b9da75dc9daff9ecbf3b365 2902368 net optional 
konversation_1.4.orig.tar.xz
 b81009912851d14ee1825826d31b32de 29702 net optional 
konversation_1.4-1+deb7u1.debian.tar.gz
 d910b6e40c960b3635b07439020cdbbe 1020982 net optional 
konversation_1.4-1+deb7u1_amd64.deb
 0e3be6d5b12d8f4efad033b80bc00f90 4082470 net optional 
konversation-data_1.4-1+deb7u1_all.deb
 ff13fdaa260c564c9c75d61c642e6737 309148 debug extra 
konversation-dbg_1.4-1+deb7u1_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBCgAGBQJUW2V8AAoJEAVMuPMTQ89EaQAP/0XuHTxu2DcNnRsZMvzIXFPC
Lzz+PpI9WklliSZ4zWWV4bAyDh6yeTDrC3Tz0SHNW7tG65okAHNLXhfPcdwb8LKW
wrYq1LHaiLmZIavjLhw74XCoU9MaxweL9TVMY0Pi/edzWYpGDWKIaVUIOxbcLOtn
GlQTYI4R0PqLhR1+P2hugSdpSWp8bgrbQovQwhuk2NiyDh7oiCL+KxiADEXMi229
y9GK0Q+BLHpq0k/m5OyAblGxUH1k21AKPq3EcxViTBH0C4+KG9o7qaqZSBLJZ2Q6
fwXAT+U2Y9KqcmsocqKTBS6+HHlXi2sGGn7OlGEN8X1xakPhqpNtXp1rc2nNBv5v
3l3CRp8DHIBcwWhS0feTBnkXoL4HjNjBaj+QSk2ypN8nt1EYGTainszCDTvtlGJ/
gv3BCkmA9daULhCSsbUzCnk/rBHlDN0yiLheNN01f9UqbooaSRT1OWkUfsp0VLv6
W80J2qr2KYmfwOdK6tUQULJwP2FvPW51Ov6Dzejfb0tlvc6ZzQfaNyV1NEoJow7I
tFpp3pMBQJTYMWc9ojn8p6QNineN86mbpULl3iTN9076Q7CEGNqCBPlU+bMMpMLa
eIgGcfxCmbqEwzCEIM8FX6mNC/6LmHel+7c3ns7tqgaWbpUdftrulEt0J9j535Ej
jW/kJt03oUAaV5/Q0Q61
=stYs
-----END PGP SIGNATURE-----

--- End Message ---
_______________________________________________
pkg-kde-extras mailing list
pkg-kde-extras@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-kde-extras

Reply via email to