[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#583994: marked as done (advi: Security bugs in ghostscript)

Your message dated Mon, 23 Jan 2017 21:04:13 +0000
with message-id <E1cVlmf-0005rU-KR@fasolo.debian.org>
and subject line Bug#583994: fixed in advi 1.10.2-3
has caused the Debian Bug report #583994,
regarding advi: Security bugs in ghostscript
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
583994: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=583994
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: advi
Severity: grave
Tags: security
Justification: user security hole


Please note remote execute-any-code security bugs in ghostscript:

  http://bugs.debian.org/583183

This package depends on ghostscript, and may be affected. Please
evaluate the security of this package, and fix if needed.

Thanks,

Paul Szabo   psz@maths.usyd.edu.au   http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics   University of Sydney    Australia


-- System Information:
Debian Release: 5.0.4
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.26-pk03.17-svr (SMP w/8 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/bash

Versions of packages advi depends on:
ii  libc6                  2.7-18lenny2      GNU C Library: Shared libraries
ii  libfreetype6           2.3.7-2+lenny1    FreeType 2 font engine, shared lib
ii  libjpeg62              6b-14             The Independent JPEG Group's JPEG 
pn  libpng2                <none>            (no description available)
pn  libtiff3g              <none>            (no description available)
ii  libungif4g             4.1.6-6           library for GIF images (transition
pn  xlibs                  <none>            (no description available)
ii  zlib1g                 1:1.2.3.3.dfsg-12 compression library - runtime

advi recommends no packages.

advi suggests no packages.

--- End Message ---
--- Begin Message --- 
Source: advi
Source-Version: 1.10.2-3

We believe that the bug you reported is fixed in the latest version of
advi, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 583994@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Ralf Treinen <treinen@debian.org> (supplier of updated advi package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Mon, 23 Jan 2017 21:23:56 +0100
Source: advi
Binary: advi advi-examples
Architecture: source
Version: 1.10.2-3
Distribution: unstable
Urgency: low
Maintainer: Debian OCaml Maintainers <debian-ocaml-maint@lists.debian.org>
Changed-By: Ralf Treinen <treinen@debian.org>
Description:
 advi       - active DVI previewer and presenter
 advi-examples - example presentations for Active-DVI (advi)
Closes: 583994 834137
Changes:
 advi (1.10.2-3) unstable; urgency=low
 .
   [Rémi Vanicat]
   * removing myself from uploaders
 .
   [Ralf Treinen]
   * patch safe: make Safer mode the default (closes: #583994)
   * advi-examples: drop spurious Suggests tk4.8 et mpg321
   * Standards-Version 3.9.8 (no change)
   * advi-examples: drop Conflicts: advi (<< 1.6.0-4) since that version is
     more than 10 years old.
   * advi: drop "Replaces: activedvi,mldvi" since these are previous names
     of this package last used in 2002, resp. 2001.
   * advi: don't create empty directory usr/share/lintian/overrides/
   * d/control: fix Vcs-* fields, use secure URI
   * patch drop-build-date: make build reproducible (closes: #834137)
   * debhelper compat version 9
   * fix a spelling error in debian/README.
Checksums-Sha1:
 a780158274b03e81441191773cd4d5846ebfee8f 2305 advi_1.10.2-3.dsc
 cc421fd66a7b4023748ab5a844f85a7c18c65102 21652 advi_1.10.2-3.debian.tar.xz
Checksums-Sha256:
 b632b9f6a901695a2e7995f0bbbbf63d300e55d9889c87a2eff4a3ae7db2333b 2305 advi_1.10.2-3.dsc
 8dd0a75e1e373a74e287af3de756667b30e0ec8a79312165aa0c53dfa337f123 21652 advi_1.10.2-3.debian.tar.xz
Files:
 48b5253d35468d309fce13ab25e57902 2305 tex optional advi_1.10.2-3.dsc
 b54f1ca207e4e199e51e0ca864950ac5 21652 tex optional advi_1.10.2-3.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEAgVIKeEtDyqOZI5idFxHZtTKzf8FAliGbMAACgkQdFxHZtTK
zf+9Cg//cnlqiRuPcK36+/eBCi4u5yrPuo2sW+5BIELPVSx8Sv0xiIaJXNlmIccF
rqyDcA1em520EDYZ8D92kyWHRX3bMt3hELEONvYQvWk3/weDdS0oQzffUPphOL0O
iqF77qRGofnJ2MbpxGz7LLyWhpftQ/KVzB8X1YMRRQBCs45SO4RCImol9WbQdUlc
BKjPOOQYIhD546xCvboEzUH1KGEhpksYum7I54Kv9/1Vm55RhP1Z35qUQ7rPlIk4
PvJL82UXg2HXi3HwKKdvu7cRcz6GUEBZ8Tk9BSnWeJ3I5Qp83XMV6PJpb004Bj4i
j0RgYeqkpnzyp3WIbdH8niezXsXd+sn7Up/8NB6G+Bd9p3mORWRjh5G8h5Y7wqz4
meIsM397/mIh01sdDs3DCNuW7meoIAlYGzCych4kKwqvw/CJHlIyIxtFqZtuK/pv
cEMQKwgg3BQIxxEgg//qKSU7Zk+xlCUlXy51SVseNUogZs5MmEkfIsJnT3gfCP22
gBQ/lS0DCMjRPcfx3hgNa8NXMdd0mbgjlLTRZkuQqxkz9tNR/TCBDPON8ATf8bjq
U2y+kqqAC3f/sm8cPgDDryzmRvzWsEl+7tCgHTqJZMlKBkSDkho78qIe+vPwmRpZ
ob1f7gfMGGJx0Jxjd59k1cpZkkbEI14P0Gn9wj54Deft7lJvmOc=
=qH3e
-----END PGP SIGNATURE-----

--- End Message ---
Reply to: