Your message dated Sun, 03 Nov 2013 17:33:31 +0000 with message-id <e1vd1yj-0006bl...@franck.debian.org> and subject line Bug#728333: fixed in console-tools 2:0.2.3-73 has caused the Debian Bug report #728333, regarding console-tools: FTBFS due to format string vulnerability to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 728333: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=728333 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: console-tools Version: 2:0.2.3-72 Severity: serious Justification: fails to build from source (but built successfully in the past) ksyms.c: In function 'list_charsets': ksyms.c:1667:5: error: format not a string literal and no format arguments [-Werror=format-security] fprintf(f, charsets[i].charset+lth); ^ This is pretty nasty. I’m currently testing a patch (basically adding "%s", after f, there), and will send it when it works. This appears to be masked on other architectures because they errorneously don’t build with -Wformat -Werror=format-security (no idea why). Full build log is at: http://buildd.debian-ports.org/status/fetch.php?pkg=console-tools&arch=m68k&ver=2%3A0.2.3-72&stamp=1383160956 It’s still a bug, of course ;-) -- System Information: Debian Release: jessie/sid APT prefers unreleased APT policy: (500, 'unreleased'), (500, 'unstable') Architecture: m68k Kernel: Linux 3.11-1-m68k Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/lksh
--- End Message ---
--- Begin Message ---Source: console-tools Source-Version: 2:0.2.3-73 We believe that the bug you reported is fixed in the latest version of console-tools, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 728...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Alastair McKinstry <mckins...@debian.org> (supplier of updated console-tools package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sun, 03 Nov 2013 17:16:55 +0000 Source: console-tools Binary: console-tools libconsole console-tools-dev kbd-compat Architecture: source i386 all Version: 2:0.2.3-73 Distribution: unstable Urgency: low Maintainer: Alastair McKinstry <mckins...@debian.org> Changed-By: Alastair McKinstry <mckins...@debian.org> Description: console-tools - Linux console and font utilities console-tools-dev - Development files for Linux console and font manipulation kbd-compat - Wrappers around console-tools for backward compatibility with `kb libconsole - Shared libraries for Linux console and font manipulation Closes: 728333 Changes: console-tools (2:0.2.3-73) unstable; urgency=low . [Thorsten Glaser] * Fix FTBFS due to format string problem. Closes: #728333. Checksums-Sha1: 91f99a9d813ec6bd8221b9a031d44c80d59a3f9f 1936 console-tools_0.2.3-73.dsc e36d37701835053fb22fad8da65fb3725fc2bdc7 1722014 console-tools_0.2.3-73.debian.tar.gz 4ac5ab9fdf7c8cab1a03769cbdb2c6178d34c762 272022 console-tools_0.2.3-73_i386.deb 0724e221f68d19c315a723686b015e945a61e4d2 113898 libconsole_0.2.3-73_i386.deb b9de4b373638c6eaf70e5f68a2cfec8aff83ae20 74376 console-tools-dev_0.2.3-73_i386.deb 9b7f34ee8770aeeadf9704cbd8fa5822596962c8 45160 kbd-compat_0.2.3-73_all.deb Checksums-Sha256: c6f6b7a854a59171362515c666df46853fd93dc1a7678299723b552f43dcc07c 1936 console-tools_0.2.3-73.dsc 81e0166c87194e64c8d305c17e4affa0ceb3e22ead70aad2dda62fda30af7551 1722014 console-tools_0.2.3-73.debian.tar.gz b7a1958b4ea66cd88bc4e83a25247da0cdf2b3b1d2068ac7891611ded0a3d0fb 272022 console-tools_0.2.3-73_i386.deb 527d96914680dc5895f5e7179e9edec4c16a38bed0b30700fab896a18bf2742a 113898 libconsole_0.2.3-73_i386.deb 95da3fa95598f769c990584cbfefd9494e1f22e92d597bf6a25ac850649f0cd1 74376 console-tools-dev_0.2.3-73_i386.deb 02c398afd061ad2621da4366ef9a6a976fd8e39e9a3bd37e9dfdcda79f3fafe6 45160 kbd-compat_0.2.3-73_all.deb Files: de1a0a6b30fae3df535938e4c18ea7ed 1936 utils extra console-tools_0.2.3-73.dsc 3ad7865f07a6c406c62d2f6d8ee57d24 1722014 utils extra console-tools_0.2.3-73.debian.tar.gz bfe3ca744259a5718621f6c60f302ef9 272022 utils extra console-tools_0.2.3-73_i386.deb d6543510dda4b28a7b4822c79414fee0 113898 libs optional libconsole_0.2.3-73_i386.deb 91c9f66d0b4439508837a23e032e36f7 74376 devel optional console-tools-dev_0.2.3-73_i386.deb 6aeed44aea060575dc5668918ee347f7 45160 utils optional kbd-compat_0.2.3-73_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.15 (GNU/Linux) iQIcBAEBCAAGBQJSdoa4AAoJEN9LdrZRJ3Qs+rEQAKsXaUy9rsHgOo/wtx06XiqY ZyQLMPXMAFbnfwDwIwaOLiUxdGJh3M2YoDnATSLM0HpWTIzGS7uXK8yaDn4+NrVg C79islGrJ7VLZ1QDTPB7Rgk8odXR8TnIosn5IrrYQ4NRjWUjMTNoCwxzPXe+x2HV yZvxYTCHdMRhU3NqFD25bQLyz6a2OgeIMj0ezm8Xw8gpf+pYB9PZpT+Iae9/ns1L ca0A0MTHDTGdVUJurjKNjBgEyHEAiWIzfrmtU/g2fE+/P+fiKbhhiD5mkBI0HYN1 9q8oejxQEiKrqMzCBXUPoNUTGxEhb20C7zDAq+LrH7SU5quyzTlL/QbpC8/uOdKz lnuSsRjdfXx6nPhtfBbNv/DMuP9CseHaRce3ApWqrsm7vY2v51cd6G+mDvWflu7Q RwwxnoV86zbu6/aGc9GYk1mjhy96Re/JicM512FceGssP66O0pEcZ9ZZ+lgTouyj TAZ3GqxpJYHL+nkIoAzYyKdWuAYLc6BWe/OpH0hSK5AyZKAPFUG6ePfCgACB4lLr oFvm01Xda2cA775EAMWd4R4WqBihQwXGV/7UWoH5gqhC4pscPZav/fdXhQouejCS rJ/mk/ynT6lO7TB1eAkVDBZA0PlcBO0tTaLyuIUX3pswdAUMlp3yP+j7bRMLoXL5 SDZw6a7i5vI9m6bFzXue =CBqE -----END PGP SIGNATURE-----
--- End Message ---
