Your message dated Sat, 20 Feb 2010 10:55:30 +0000
with message-id <[email protected]>
and subject line Bug#570068: fixed in pyfribidi 0.10.0-2
has caused the Debian Bug report #570068,
regarding pyfribidi: heap-based buffer overflow
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
570068: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=570068
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: pyfribidi
Version: 0.6-1
Severity: grave
Tags: security
Justification: user security hole
pyfribidi is susceptible to heap-based buffer overflows, see the
upstream bugreport:
http://sourceforge.net/tracker/?func=detail&aid=2676136&group_id=158366&atid=807545
Unfortunately, the upstream "fix" for this problem intoroduced in
pyfribidi 0.9 only made the bug more blatant.
According to the original reporter, pyfribidi is affected only if
fribidi >= 0.19.1 is installed. If this is actually the case, the bug is
a non-issue for lenny.
--
Jakub Wilk
signature.asc
Description: Digital signature
--- End Message ---
--- Begin Message ---
Source: pyfribidi
Source-Version: 0.10.0-2
We believe that the bug you reported is fixed in the latest version of
pyfribidi, which is due to be installed in the Debian FTP archive:
pyfribidi_0.10.0-2.debian.tar.gz
to main/p/pyfribidi/pyfribidi_0.10.0-2.debian.tar.gz
pyfribidi_0.10.0-2.dsc
to main/p/pyfribidi/pyfribidi_0.10.0-2.dsc
python-pyfribidi-dbg_0.10.0-2_i386.deb
to main/p/pyfribidi/python-pyfribidi-dbg_0.10.0-2_i386.deb
python-pyfribidi_0.10.0-2_i386.deb
to main/p/pyfribidi/python-pyfribidi_0.10.0-2_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
أحمد المحمودي (Ahmed El-Mahmoudy) <[email protected]> (supplier
of updated pyfribidi package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Tue, 16 Feb 2010 22:40:15 +0200
Source: pyfribidi
Binary: python-pyfribidi python-pyfribidi-dbg
Architecture: source i386
Version: 0.10.0-2
Distribution: unstable
Urgency: low
Maintainer: Debian Python Modules Team
<[email protected]>
Changed-By: أحمد المحمودي (Ahmed El-Mahmoudy)
<[email protected]>
Description:
python-pyfribidi - FriBidi Python bindings
python-pyfribidi-dbg - FriBidi Python bindings (debug symbols)
Closes: 570068
Changes:
pyfribidi (0.10.0-2) unstable; urgency=low
.
* Added python-pyfribidi-dbg package.
* debian/rules:
+ pass --buildsystem= instead of -S to dh, as a workaround for bug
#570039.
+ Override dh_auto_test to run tests_pyfribidi.py
* Added patch buffer_overflow.diff to create an output buffer that assumes
4-byte sequences for all Unicode characters (Closes: #570068)
* Added patch testbigString.diff to resurrect bigString test that was
removed in upstream release 0.8
Checksums-Sha1:
8e0e35fb384c14889ade1e33c43b7ad8749b6b57 2215 pyfribidi_0.10.0-2.dsc
567465d057724daff21dc7a6fe0e20bfa69b6b55 4450 pyfribidi_0.10.0-2.debian.tar.gz
54d2d52caad3eaa2b65968bb76d1600c12844720 11514
python-pyfribidi_0.10.0-2_i386.deb
0e8fcf96b5c5df781716cf355ad3c16764c28a31 23974
python-pyfribidi-dbg_0.10.0-2_i386.deb
Checksums-Sha256:
c8072931782875173fd7553894f715fc3621c950b2f7e28040cd387b32414c2c 2215
pyfribidi_0.10.0-2.dsc
e53d110554221ae6b1e22b2509f037aa6e3f8fa8b200388c1e6063c10887fbc2 4450
pyfribidi_0.10.0-2.debian.tar.gz
bcdee6167eeb31477c8a5ac1d4b4ec30a78c10d871a825ba4582c71580123a37 11514
python-pyfribidi_0.10.0-2_i386.deb
4c533a7434a12b7702ccd55651cee64ffb1714b564db1c0e8fa2be64e7bdd92c 23974
python-pyfribidi-dbg_0.10.0-2_i386.deb
Files:
9d0f0b95cdb49314141a8ca955bff156 2215 python optional pyfribidi_0.10.0-2.dsc
80ca0f5fc57844a467d5bcf683f0dbab 4450 python optional
pyfribidi_0.10.0-2.debian.tar.gz
a7394aa167c44faa3b22145cec4093cb 11514 python optional
python-pyfribidi_0.10.0-2_i386.deb
32d54cd7f7284b69f998d7ae23e2224a 23974 debug extra
python-pyfribidi-dbg_0.10.0-2_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iQIcBAEBCAAGBQJLeweXAAoJEC1Os6YBVHX1jcIQALloCOUZqbI9upaQ4kX68hFv
puCKsl2MINs0tgC9QQggT7IaCidNZbPEAgVjs/V24gthY/LmJOpEyLec9OfkX8iq
vphqVXCjqREB6TJvhN2mIjaNq0PpU/jqeszzY4euULL29MfJHp89lOiz3crF1z6i
mcAiBwD5bobd82RSu/db7fwlntT9omQ5JU61fXqmSRVx2dutI4McZP1OhYx+MHF3
y0oS+Ex2U5zZagc4fc/ssqt/0aJ7Be1j1Qp6SBGWdm4D7byZvS+Z4i6UQaAvMoQk
ulUVaa/lbiLfsG4FT5XVfp+nOsoc+lpDgyXyMHH+4mpCw3wTeiVrGsAiOrht6HJb
PoWtYlfXH4m9lTLXw30mtrDSERkJL4HnCQFAeJY6t8cuZrbv3Us9owJSQZG4a/ND
z4h6jtK3yl5Q6W3d5eeKMC2sUTK7mvJ0F4Bza6yeDwsdiPpj+N6uLbErTHHk1wj4
TwSkbXWOKK1MfH0iDAAegdoDD4i15sGsB+A5lMSDFygnt+f/gpzpl0YV4YjoAIsq
UUsk/KA+RISC560IKAlMOZmIIcunrQbkEW3TEz/8m1sKJuBhATqZ08NXv0o06kRt
0sUZt088dw/rkyNEc0ULiQOV9NvEDB/uzamuHJRx7/k9uLT4oVWx7b7C94MhXvwr
+aRwhpUT2ZHBEKRV1v0W
=bkQr
-----END PGP SIGNATURE-----
--- End Message ---
_______________________________________________
Python-modules-team mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/python-modules-team
