Bug#492806: marked as done (libavformat52: does not handle STR file demuxing (CVE-2008-3162))

Debian Bug Tracking System Tue, 29 Jul 2008 00:15:32 -0700

Your message dated Tue, 29 Jul 2008 09:14:18 +0200
with message-id <[EMAIL PROTECTED]>
and subject line Re: Bug#492806: libavformat52: does not handle STR file 
demuxing (CVE-2008-3162)
has caused the Debian Bug report #492806,
regarding libavformat52: does not handle STR file demuxing (CVE-2008-3162)
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)


-- 
492806: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492806
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems

--- Begin Message ---

Package: libavformat52
Version: 0.svn20080206-11
Severity: grave
Tags: security
Justification: user security hole

ubuntu just updated their libavformat packages to patch a problem with
STR file demuxing [1].  does this problem apply to debian as well?  the
CVE number is CVE-2008-3162 [2].

[1] http://www.ubuntu.com/usn/usn-630-1
[2] http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3162

-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 
'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.24-etchnhalf.1-686 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages libavformat52 depends on:
ii  libavcodec51           0.svn20080206-11  ffmpeg codec library
ii  libavutil49            0.svn20080206-11  ffmpeg utility library
ii  libc6                  2.7-12            GNU C Library: Shared libraries
ii  zlib1g                 1:1.2.3.3.dfsg-12 compression library - runtime

libavformat52 recommends no packages.

libavformat52 suggests no packages.

-- no debconf information

--- End Message ---

--- Begin Message ---

Version: 0.svn20080206-10
merge 492806 489965
stop

Michael Gilbert <[EMAIL PROTECTED]> writes:
> Package: libavformat52
> Version: 0.svn20080206-11
> Severity: grave
> Tags: security
> Justification: user security hole
>
> ubuntu just updated their libavformat packages to patch a problem with
> STR file demuxing [1].  does this problem apply to debian as well?  the
> CVE number is CVE-2008-3162 [2].
>
> [1] http://www.ubuntu.com/usn/usn-630-1
> [2] http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3162

Thanks for your report but this bug is a clear dupe of #489965.


-- 
Gruesse/greetings,
Reinhard Tartler, KeyID 945348A4

--- End Message ---

Bug#492806: marked as done (libavformat52: does not handle STR file demuxing (CVE-2008-3162))

Reply via email to