plaso is marked for autoremoval from testing
plaso 1.5.1+dfsg-4 is marked for autoremoval from testing on 2018-04-06 It (build-)depends on packages with these RC bugs: 888139: dfvfs: dfvfs FTBFS: ERROR: testScanFVDE (helpers.source_scanner.SourceScannerTest) ___ forensics-devel mailing list forensics-devel@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel
forensics-all is marked for autoremoval from testing
forensics-all 1.7 is marked for autoremoval from testing on 2018-04-06 It (build-)depends on packages with these RC bugs: 888139: dfvfs: dfvfs FTBFS: ERROR: testScanFVDE (helpers.source_scanner.SourceScannerTest) ___ forensics-devel mailing list forensics-devel@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel
dfvfs is marked for autoremoval from testing
dfvfs 20171230-1 is marked for autoremoval from testing on 2018-04-06 It is affected by these RC bugs: 888139: dfvfs: dfvfs FTBFS: ERROR: testScanFVDE (helpers.source_scanner.SourceScannerTest) ___ forensics-devel mailing list forensics-devel@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel
Bug#892599: afflib: CVE-2018-8050
I checked in the fix for this in commit 435a2ca ( https://github.com/sshock/AFFLIBv3/commit/435a2ca). (Sorry I didn't have a CVE id yet so that was not included in the commit comment.) What needs to happen now? Do I need to do anything or can you guys take it from here? Phillip On Sun, Mar 11, 2018 at 3:40 AM, Salvatore Bonaccorso wrote: > Source: afflib > Version: 3.7.5-1 > Severity: important > Tags: patch security upstream > > Hi, > > the following vulnerability was published for afflib. > > CVE-2018-8050[0]: > | The af_get_page() function in lib/afflib_pages.cpp in AFFLIB (aka > | AFFLIBv3) through 3.7.16 allows remote attackers to cause a denial of > | service (segmentation fault) via a corrupt AFF image that triggers an > | unexpected pagesize value. > > If you fix the vulnerability please also make sure to include the > CVE (Common Vulnerabilities & Exposures) id in your changelog entry. > > For further information see: > > [0] https://security-tracker.debian.org/tracker/CVE-2018-8050 > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8050 > [1] https://github.com/sshock/AFFLIBv3/commit/ > 435a2ca802358a3debb6d164d2c33049131df81c > > Please adjust the affected versions in the BTS as needed. > > Regards, > Salvatore > > ___ forensics-devel mailing list forensics-devel@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel
Bug#892599: afflib: CVE-2018-8050
Source: afflib Version: 3.7.5-1 Severity: important Tags: patch security upstream Hi, the following vulnerability was published for afflib. CVE-2018-8050[0]: | The af_get_page() function in lib/afflib_pages.cpp in AFFLIB (aka | AFFLIBv3) through 3.7.16 allows remote attackers to cause a denial of | service (segmentation fault) via a corrupt AFF image that triggers an | unexpected pagesize value. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2018-8050 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8050 [1] https://github.com/sshock/AFFLIBv3/commit/435a2ca802358a3debb6d164d2c33049131df81c Please adjust the affected versions in the BTS as needed. Regards, Salvatore ___ forensics-devel mailing list forensics-devel@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel