Your message dated Mon, 17 Oct 2016 10:28:57 +0000
with message-id <e1bw5a9-0004hy...@franck.debian.org>
and subject line Bug#840889: fixed in libiberty 20161017-1
has caused the Debian Bug report #840889,
regarding CVE-2016-4491 and CVE-2016-6131 not fixed in libiberty_20161011-1
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
840889: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840889
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: libiberty
Version: 20161011-1
Severity: important
Tags: security patch
Dear maintainer,
as noted here [1], two CVEs CVE-2016-4491 CVE-2016-6131 were
not were not fixed by a previous upload, because upstream
did not include the corresponding patches.
I have prepared a patch, which will be attached in the next mail.
[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840360#19
Thanks,
Anton
--- End Message ---
--- Begin Message ---
Source: libiberty
Source-Version: 20161017-1
We believe that the bug you reported is fixed in the latest version of
libiberty, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 840...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Matthias Klose <d...@debian.org> (supplier of updated libiberty package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 17 Oct 2016 11:37:08 +0200
Source: libiberty
Binary: libiberty-dev
Architecture: source
Version: 20161017-1
Distribution: unstable
Urgency: medium
Maintainer: Debian GCC Maintainers <debian-...@lists.debian.org>
Changed-By: Matthias Klose <d...@debian.org>
Description:
libiberty-dev - library of utility functions used by GNU programs
Closes: 840889
Changes:
libiberty (20161017-1) unstable; urgency=medium
.
* Update to 20161017 (CVE-2016-6131). Closes: #840889.
* Don't apply "fixes" which are not yet accepted upstream.
Checksums-Sha1:
ddb8a9ed0b3275167a0f941875f7f07790f34b4f 1806 libiberty_20161017-1.dsc
15bc44e07f48d1f5e5fe8a7e2116b624c5ddc822 1110536 libiberty_20161017.orig.tar.xz
719c00dda5c533911d45412e6af972f0c5c8c98e 4232
libiberty_20161017-1.debian.tar.xz
Checksums-Sha256:
6273de1d5fcfff272f6b1062f75793641d2227e65775655d6a93b66e2ca4b7ac 1806
libiberty_20161017-1.dsc
8baf4543156267835650f26f9eb54cb65a9a0de695ab5733d8212bdfa4c35ebf 1110536
libiberty_20161017.orig.tar.xz
28e4bbc7449599ce6f86b37c545ea5ce67b872f4d88a93a9ec2def85c40ec1e7 4232
libiberty_20161017-1.debian.tar.xz
Files:
d8d5a228cc417fc7322308370e1ec932 1806 libdevel optional
libiberty_20161017-1.dsc
4946afdda7edb0e8990954df1aa6740f 1110536 libdevel optional
libiberty_20161017.orig.tar.xz
2bf911ade7950dbaef20b3482ef7d935 4232 libdevel optional
libiberty_20161017-1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQItBAEBCAAXBQJYBJy1EBxkb2tvQGRlYmlhbi5vcmcACgkQvX6qYHePpvVvYBAA
yIgikH73WuHWWbjsNa7CMCSl6/0s7m1FBiE5KoEEXdPVTEKh2jiET/kcZfuotuk5
RMJFJqDg7t0huVXe762NqX/zDLGMKTb3/F+3DGecX2LD+PYWkJFfF30DhMhzI3RX
DRoXW1/4lW7/QKj1ZHFT61h24ODl1057E1YE/LX4zNpMCYdB+kXS45AMVONkQke4
fZ9ygDRUS3emcgUlZWpRgD3ovNKMYWr1w+FQlrr6lBeHxwrnKlz9e8BkvhI73zzS
PPCu0xgBxJFNVlKCJPApw/FAEERz7OGjSdN71Fq0kCk1YY8J27BnKprIrhGicZ76
SvPJ6gSl8ftkC/dl8Tma1OLZXk6ZBzqo386EjVKlO8wJEiVluJP1nv8zaL7xrA/D
cDHzUzstQ/H8CHYIkj84z67nhqrnamTBMb2f+z/PDZvnrQ0BJ0D78zqn13mZygaT
2wmJJnuhHhtOK6ifkhZVC9CBvJx89CTqHFOE/Tdvd2kFx73jGMPDVDp3pQbZ7Q0M
5UkS9KowhIKna23D8pjNLtFK5mQ/Ev4X1HFZfQ3GtTNVBn0GljCG1chTm1J1iAl4
On6O6LCIzxg+K1BM3xIK7nsyIJLlevghzbLZrrkaiexJcoXAKDn6gmDwTTzwCg95
mb2aYMC8pRYmeKvaAdGIoXv7nwU73XJpdG9Hx0Oj6Eo=
=8vvp
-----END PGP SIGNATURE-----
--- End Message ---
