Your message dated Fri, 03 Apr 2015 18:17:05 +0000 with message-id <e1ye69r-0004dx...@franck.debian.org> and subject line Bug#781228: fixed in freexl 1.0.0b-1+deb7u1 has caused the Debian Bug report #781228, regarding freexl: Multiple vulnerabilitities to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 781228: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781228 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: freexl Severity: grave Tags: security Justification: user security hole Hi, multiple vulnerabilities have been found in freexl. Please see this posting on oss-security for additional details: http://www.openwall.com/lists/oss-security/2015/03/25/1 This is fixed in experimental, but since we're in freeze, testing should rather be fixed with a targeted upload to sid plus unblock. (A patch set and reproducers are linked from the oss-security posting). Cheers, Moritz
--- End Message ---
--- Begin Message ---Source: freexl Source-Version: 1.0.0b-1+deb7u1 We believe that the bug you reported is fixed in the latest version of freexl, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 781...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Bas Couwenberg <sebas...@debian.org> (supplier of updated freexl package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 26 Mar 2015 11:46:40 +0100 Source: freexl Binary: libfreexl-dev libfreexl1 libfreexl1-dbg Architecture: source amd64 Version: 1.0.0b-1+deb7u1 Distribution: wheezy-security Urgency: high Maintainer: David Paleino <da...@debian.org> Changed-By: Bas Couwenberg <sebas...@debian.org> Description: libfreexl-dev - library for direct reading of Microsoft Excel spreadsheets - deve libfreexl1 - library for direct reading of Microsoft Excel spreadsheets libfreexl1-dbg - library for direct reading of Microsoft Excel spreadsheets - debu Closes: 781228 Changes: freexl (1.0.0b-1+deb7u1) wheezy-security; urgency=high . * Add myself to Uploaders. * Update Vcs-* URLs for move to pkg-grass & wheezy branch for Vcs-Git. * Add patch to fix vulnerabilities identified by American Fuzzy Lop. (closes: #781228) Checksums-Sha1: eed18978fa583e421791f8828ae002b19cee0216 2016 freexl_1.0.0b-1+deb7u1.dsc 04e7dbf2beec98cb033dce63f66b4017bc796499 909489 freexl_1.0.0b.orig.tar.gz 94f1c1367ab2179b9d4249f2a2d6a98825be0747 3608 freexl_1.0.0b-1+deb7u1.debian.tar.gz 5de49220b12469d3730681242275e48d2339a6b0 25778 libfreexl-dev_1.0.0b-1+deb7u1_amd64.deb 58e6157a646a7e28b718c036dcf675cd3e97b4dd 20258 libfreexl1_1.0.0b-1+deb7u1_amd64.deb 23bc6f92734624255a1300ee78ec2a5a1ea8a04c 44618 libfreexl1-dbg_1.0.0b-1+deb7u1_amd64.deb Checksums-Sha256: ba3d273834b9aaaabaed97026410990b58a581926a11eb6ba7e7885028d4d0e8 2016 freexl_1.0.0b-1+deb7u1.dsc da60c6041badd24114b3e4415d72de50c4f1c243fde179a24494e5bbcdc658f0 909489 freexl_1.0.0b.orig.tar.gz 4049228ee6c1a8a4558600a3aef09c804ef978211a4a30d59eb55fdba7f9eede 3608 freexl_1.0.0b-1+deb7u1.debian.tar.gz 87d93337de11cbaee516e2fbf1a3c101827473af84e4de8047a61fb70b689547 25778 libfreexl-dev_1.0.0b-1+deb7u1_amd64.deb e121e18bbbd38b0d1e2b102ae0d6084c5033915d60d9b6003db76e22aef98e65 20258 libfreexl1_1.0.0b-1+deb7u1_amd64.deb 619c6b8ba1fbe792e98ac703a41b918f917d698200e0389845d4b624deaec06c 44618 libfreexl1-dbg_1.0.0b-1+deb7u1_amd64.deb Files: f92f0c37789b6b528f15953b38c39df7 2016 libs extra freexl_1.0.0b-1+deb7u1.dsc e2e1c59eb2883d825782dfe8fe244207 909489 libs extra freexl_1.0.0b.orig.tar.gz 297ec17fc1ba8f97f6075b416deef092 3608 libs extra freexl_1.0.0b-1+deb7u1.debian.tar.gz 8a7b3fc90cf09022e9868e3b0e3883c9 25778 libdevel extra libfreexl-dev_1.0.0b-1+deb7u1_amd64.deb 4a389b4c9758ced8b2d3ce00ffcfcf7b 20258 libs extra libfreexl1_1.0.0b-1+deb7u1_amd64.deb 4cae2e9217f72cec556a8d5059a7ee07 44618 debug extra libfreexl1-dbg_1.0.0b-1+deb7u1_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCgAGBQJVFHg+AAoJEGdQ8QrojUrxzRkQALKCze3KZGq8kTKLRuoBFRmG +zk/OSNF78j7tFoObZf+9oqx2SDWExFIee5zp0D5pFXX/8T3LbxYjS4crAK1PB1r BVQwkxEMNOSoB4CnLZ1xneakmZXNysdGnPZKb1eu4r0ULJMpGeLuwsGpl+NOMMnP PelTDWu78FIiyp6U39nYzbHaTTHuLa9PlzpD5uO5pyQMRqcT3AdYGVoCvubfM+zU FoStXTQ7Nx5KzpN5n0tRYJyXOCts3Vje60IdRiMC1uQ1faRbZ85UBvx3Wgsv3RTp NJ1Px7kzDAYFtfu+REQocvtGCLJQE+XLZ8VFywebvFmb2x2UZo0K3zUmkoTEU9M4 6Z1pGEztx6FMnmEKbkyqglkJPvRs5FTUejINwWKdTtnFFS3gBKvNHZh+QQRhQ4CM laRgGh/sCDaiRXa1TejVIBAvrO2Cu8hU6tFWu78VD/BrSOvDMipYOM3w5KyuFptR c2fgeXWj+lqTBQUVFVO1/c19LpeEUZg8ww6+TK9BOLv12apqPypiYfNoDHJsJdUa 7G4oGJXQULjvcBotDyBeGN/aTru7PQ1hnPknsZBGyGvGJS4JtHT+hcIcrTnXOCri tGmekWZFdKFfNGIe5wft6xPe/x+YVYVn7Z+eFTnEIGBFK2eflECpn+mzxaRe7fIH j6I+6earS+tcnBFQJfsM =BGcB -----END PGP SIGNATURE-----
--- End Message ---
_______________________________________________ Pkg-grass-devel mailing list Pkg-grass-devel@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-grass-devel
