Bug#893525: marked as done (CVE-2018-1000097)

2018-04-07 Thread Debian Bug Tracking System 
Your message dated Sat, 07 Apr 2018 23:02:09 +
with message-id 
and subject line Bug#893525: fixed in sharutils 1:4.15.2-2+deb9u1
has caused the Debian Bug report #893525,
regarding CVE-2018-197
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
893525: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893525
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: sharutils
Severity: grave
Tags: security

This has been assigned CVE-2018-197:
http://lists.gnu.org/archive/html/bug-gnu-utils/2018-02/msg4.html

Proposed patch at:
http://lists.gnu.org/archive/html/bug-gnu-utils/2018-02/msg5.html

Cheers,
Moritz
--- End Message ---
--- Begin Message ---
Source: sharutils
Source-Version: 1:4.15.2-2+deb9u1

We believe that the bug you reported is fixed in the latest version of
sharutils, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 893...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Santiago Vila  (supplier of updated sharutils package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Wed, 04 Apr 2018 19:46:18 +0200
Source: sharutils
Binary: sharutils sharutils-doc
Architecture: source
Version: 1:4.15.2-2+deb9u1
Distribution: stretch-security
Urgency: medium
Maintainer: Santiago Vila 
Changed-By: Santiago Vila 
Description:
 sharutils  - shar, unshar, uuencode, uudecode
 sharutils-doc - Documentation for GNU sharutils
Closes: 893525
Changes:
 sharutils (1:4.15.2-2+deb9u1) stretch-security; urgency=medium
 .
   * Apply patch from Petr Pisar to fix heap buffer overflow in unshar.
 This is CVE-2018-197. Closes: #893525.
Checksums-Sha1:
 a6e0d7650346b779e2c344133d57d5cd4da3d67d 1494 sharutils_4.15.2-2+deb9u1.dsc
 250377131bcf7a081f066ed0f9c51a0b7e0b0c04 1122476 sharutils_4.15.2.orig.tar.xz
 11c8d8cbacdbd5a851e42f85efa584ad70a95523 7784 
sharutils_4.15.2-2+deb9u1.debian.tar.xz
 1c1c9f87a17b55871ab2c8c75157bf6786830ff9 5525 
sharutils_4.15.2-2+deb9u1_source.buildinfo
Checksums-Sha256:
 2ed67aadd23af01243c5152ffad01710a2008ee60ab0a1a3d2f899f5ce29d071 1494 
sharutils_4.15.2-2+deb9u1.dsc
 2b05cff7de5d7b646dc1669bc36c35fdac02ac6ae4b6c19cb3340d87ec553a9a 1122476 
sharutils_4.15.2.orig.tar.xz
 78c3acce44d7d087953eb8ff383f8f894e35f049ed9648c9ef7e389935ff233f 7784 
sharutils_4.15.2-2+deb9u1.debian.tar.xz
 a0289d008fbab956057bbd9a54012400a39b2f7f7ab1f914d56acbd75c269aea 5525 
sharutils_4.15.2-2+deb9u1_source.buildinfo
Files:
 0d091caea0cb8addb727af32c172f482 1494 utils optional 
sharutils_4.15.2-2+deb9u1.dsc
 5975ce21da36491d7aa6dc2b0d9788e0 1122476 utils optional 
sharutils_4.15.2.orig.tar.xz
 2f47f5632d3fee81fd925c9cf2786bcc 7784 utils optional 
sharutils_4.15.2-2+deb9u1.debian.tar.xz
 2326da64be87a053d334698a1ccc5305 5525 utils optional 
sharutils_4.15.2-2+deb9u1_source.buildinfo

-BEGIN PGP SIGNATURE-

iQEzBAEBCAAdFiEE1Uw7+v+wQt44LaXXQc5/C58bizIFAlrFEWYACgkQQc5/C58b
izJVWQf/Zh/QKCfuyETYlxoMmHROnvQVT16cZ0cHV7cNESjmcxH0DfN02OWotbcF
qKF9Eq5enLhPo7cpiForBzq2RGqrbQmQzvskYCU6geTSznM7rLLawmLp58Eb00oA
nyo7fgr5kMuR25MCUK07zYX91PLn8Rx985IZUq7WUv9wIE9qXclutcMeq2L1vIip
/vUUIoz6KiTLRB4e3K4MtIRP/zoQjLdsnnuLL93vGsgphzic0EmeW+iK+CzKvgeL
VIILWm6mooIrr7GtNj46GkDgmwRb1V4raGhxoquckZjhr5q5lvu4QhmgrmcIZwYF
Kqorerji2oRZKzCR7EKwe9KbEoaiWQ==
=/dRH
-END PGP SIGNATURE End Message ---

Bug#893525: marked as done (CVE-2018-1000097)

2018-04-07 Thread Debian Bug Tracking System 
Your message dated Sat, 07 Apr 2018 22:48:07 +
with message-id 
and subject line Bug#893525: fixed in sharutils 1:4.14-2+deb8u1
has caused the Debian Bug report #893525,
regarding CVE-2018-197
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
893525: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893525
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: sharutils
Severity: grave
Tags: security

This has been assigned CVE-2018-197:
http://lists.gnu.org/archive/html/bug-gnu-utils/2018-02/msg4.html

Proposed patch at:
http://lists.gnu.org/archive/html/bug-gnu-utils/2018-02/msg5.html

Cheers,
Moritz
--- End Message ---
--- Begin Message ---
Source: sharutils
Source-Version: 1:4.14-2+deb8u1

We believe that the bug you reported is fixed in the latest version of
sharutils, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 893...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Santiago Vila  (supplier of updated sharutils package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Wed, 04 Apr 2018 19:49:02 +0200
Source: sharutils
Binary: sharutils sharutils-doc
Architecture: source all
Version: 1:4.14-2+deb8u1
Distribution: jessie-security
Urgency: medium
Maintainer: Santiago Vila 
Changed-By: Santiago Vila 
Description:
 sharutils  - shar, unshar, uuencode, uudecode
 sharutils-doc - Documentation for GNU sharutils
Closes: 893525
Changes:
 sharutils (1:4.14-2+deb8u1) jessie-security; urgency=medium
 .
   * Apply patch from Petr Pisar to fix heap buffer overflow in unshar.
 This is CVE-2018-197. Closes: #893525.
Checksums-Sha1:
 c7fd75e63359185e79f7c23eedf14fa01314cf3f 1465 sharutils_4.14-2+deb8u1.dsc
 5d2d76caa6ee816202fb78395415bd863043d81b 1089052 sharutils_4.14.orig.tar.xz
 a69401184617dd8e3a6d03f30e37446446370ec6 6608 
sharutils_4.14-2+deb8u1.debian.tar.xz
 957347359889e5bf35735a05e84171f64d5aaa48 44234 
sharutils-doc_4.14-2+deb8u1_all.deb
Checksums-Sha256:
 eb7387cd9427c04d7caf5249db2c3b40eea4d31ef0fd8cbb3c8d7b31f04a4f4c 1465 
sharutils_4.14-2+deb8u1.dsc
 eae388efcf52aba0b081f09053189e0a3ad238561d88716b880b5c0676c07a0c 1089052 
sharutils_4.14.orig.tar.xz
 ecb9c2be1b57309681b5fd07cf2dff71a95e4d69114002a8bb1f9b5a66468b0b 6608 
sharutils_4.14-2+deb8u1.debian.tar.xz
 eaf3e411ac92819ae21ec2616edccdd0d0398b247f7adf20d3fe05307c7a8275 44234 
sharutils-doc_4.14-2+deb8u1_all.deb
Files:
 02b9d1f27b3e32c4ebf70a698dd2095d 1465 utils optional 
sharutils_4.14-2+deb8u1.dsc
 77ede22951bdb67279c6e78e79a04784 1089052 utils optional 
sharutils_4.14.orig.tar.xz
 e5580701d427c5c22a93f57e4c435349 6608 utils optional 
sharutils_4.14-2+deb8u1.debian.tar.xz
 3adaf0afb5e9793561b5d728e5518a60 44234 doc optional 
sharutils-doc_4.14-2+deb8u1_all.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQEcBAEBCAAGBQJaxRIVAAoJEEHOfwufG4sy8HMIAKgaeBEi0ADeIwKKZYl+bPWP
uTFB4stmC4oYUWvbFeNqG1GFl2+blBV1zjakaDaDCaICUURNj41R+FHkYnbUzgbE
9xvmGvJFr6WLrtfW6NfyHmTHe8LpdaSGhCJfOGR4sOluDHTd/Q6X6/NvUDPuGWUf
ljpLR4tf6Dx+6C4gwUGmQGkSkWg5rfRcTTEOCPwRGwBNh0NZm5lOgrj51DnFBNT5
HC7Gw+X7+i6UvG/YzXCRqbqMuBI1FOHPGOvLBfQqJE6XPU8KWogI/ynBTRaX57SI
u0QeWYSVer8Hwu6XcI7R1UPxBEnEGaEo1c1sJFRFBxssxJeXNvZamJFXQwETkVM=
=V9L7
-END PGP SIGNATURE End Message ---

Bug#893525: marked as done (CVE-2018-1000097)

2018-03-19 Thread Debian Bug Tracking System 
Your message dated Tue, 20 Mar 2018 00:34:50 +
with message-id 
and subject line Bug#893525: fixed in sharutils 1:4.15.2-3
has caused the Debian Bug report #893525,
regarding CVE-2018-197
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
893525: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893525
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: sharutils
Severity: grave
Tags: security

This has been assigned CVE-2018-197:
http://lists.gnu.org/archive/html/bug-gnu-utils/2018-02/msg4.html

Proposed patch at:
http://lists.gnu.org/archive/html/bug-gnu-utils/2018-02/msg5.html

Cheers,
Moritz
--- End Message ---
--- Begin Message ---
Source: sharutils
Source-Version: 1:4.15.2-3

We believe that the bug you reported is fixed in the latest version of
sharutils, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 893...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Santiago Vila  (supplier of updated sharutils package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 20 Mar 2018 01:09:02 +0100
Source: sharutils
Binary: sharutils sharutils-doc
Architecture: source
Version: 1:4.15.2-3
Distribution: unstable
Urgency: medium
Maintainer: Santiago Vila 
Changed-By: Santiago Vila 
Description:
 sharutils  - shar, unshar, uuencode, uudecode
 sharutils-doc - Documentation for GNU sharutils
Closes: 893525
Changes:
 sharutils (1:4.15.2-3) unstable; urgency=medium
 .
   * Apply patch from Petr Pisar to fix heap buffer overflow in unshar.
 This is CVE-2018-197. Closes: #893525.
Checksums-Sha1:
 9aa6ff13e320b0f2afb1af87cf6ea97e60fc4363 1466 sharutils_4.15.2-3.dsc
 0ccde1b63f13c1da583deacaccd9e93a4097c399 7776 sharutils_4.15.2-3.debian.tar.xz
 103ae770f83a747b4008d80d99d77bd17f177348 5498 
sharutils_4.15.2-3_source.buildinfo
Checksums-Sha256:
 b40450f5e5ea6f55684e30a04316a4fa1bbf78d19a4d8ee51bd42c648d49ff2b 1466 
sharutils_4.15.2-3.dsc
 0dbdc08ebe2b274dabbbecc2df1bcb83ef9a2db94a954e43b85afcc6c4ef9efc 7776 
sharutils_4.15.2-3.debian.tar.xz
 cecaa271a3ba2084bc9166099df9347e4c24719f4503b9e75ffdbbb86927a934 5498 
sharutils_4.15.2-3_source.buildinfo
Files:
 28cf1c79b19d630f14988eb65c29fc76 1466 utils optional sharutils_4.15.2-3.dsc
 6da9ccfdda13389cfdeb044cd9e37238 7776 utils optional 
sharutils_4.15.2-3.debian.tar.xz
 beb55139090e48d19ec8aa405b1c62f8 5498 utils optional 
sharutils_4.15.2-3_source.buildinfo

-BEGIN PGP SIGNATURE-

iQEzBAEBCAAdFiEE1Uw7+v+wQt44LaXXQc5/C58bizIFAlqwUa4ACgkQQc5/C58b
izLw/Qf/RtxYjGSWFxNe79Klg3iSa0He2ZPouL5J8iPXDjYDEWzpsJfKyUnCzjyM
Ms++ED97j/qZuNYeVfvCxJlELjCr3TyDZH3ZVakKCSTbQbpJGVOQwJfTtbi/ZVSQ
qldFZWK7Ju//WLaN8acyZgm3ca3MLjiserFXnlgY6KHljivly8tOvsRO0AbxkCvo
RJsSqGVGmpPqc9VegzfJy3GsMf3X7mfb9FDVKksXNIyJgOFIanWaSL4D0S8HftWb
Pn68o5RxYjQGSWnLV88xTtd9eE35qQb95/ijmFYZ8EIY9Zb7utVmlVnuYt5p4m0V
zbtBiV/3170gru952pIuWA20Zz+YGw==
=7PLB
-END PGP SIGNATURE End Message ---