Bug#872884: marked as done (virglrenderer: CVE-2017-6386)

To: Adam Borowski <kilobyte@angband.pl>
Subject: Bug#872884: marked as done (virglrenderer: CVE-2017-6386)
From: owner@bugs.debian.org (Debian Bug Tracking System)
Date: Fri, 25 Aug 2017 01:39:06 +0000
Message-id: <[🔎] handler.872884.D872884.150362485218031.ackdone@bugs.debian.org>
Reply-to: 872884@bugs.debian.org
References: <E1dl3Vg-000DxX-Ry@fasolo.debian.org> <149001331342.8458.16508030243110283742.reportbug@hullmann.westfalen.local>

Your message dated Fri, 25 Aug 2017 01:34:08 +0000
with message-id <E1dl3Vg-000DxX-Ry@fasolo.debian.org>
and subject line Bug#872884: fixed in virglrenderer 0.6.0-2
has caused the Debian Bug report #872884,
regarding virglrenderer: CVE-2017-6386
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
872884: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872884
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: Debian Bug Tracking System <submit@bugs.debian.org>

Subject: Multiple security issues

From: Moritz Muehlenhoff <jmm@debian.org>

Date: Mon, 20 Mar 2017 13:35:13 +0100

Message-id: <149001331342.8458.16508030243110283742.reportbug@hullmann.westfalen.local>
Source: virglrenderer
Severity: grave
Tags: security

Please see:
https://security-tracker.debian.org/tracker/CVE-2017-5956
https://security-tracker.debian.org/tracker/CVE-2017-5957
https://security-tracker.debian.org/tracker/CVE-2017-5993
https://security-tracker.debian.org/tracker/CVE-2017-5994
https://security-tracker.debian.org/tracker/CVE-2017-6209
https://security-tracker.debian.org/tracker/CVE-2017-6210
https://security-tracker.debian.org/tracker/CVE-2017-6317
https://security-tracker.debian.org/tracker/CVE-2017-6355
https://security-tracker.debian.org/tracker/CVE-2017-6386

Cheers,
        Moritz
--- End Message ---

--- Begin Message ---

To: 872884-close@bugs.debian.org
Subject: Bug#872884: fixed in virglrenderer 0.6.0-2
From: Adam Borowski <kilobyte@angband.pl>
Date: Fri, 25 Aug 2017 01:34:08 +0000
Message-id: <E1dl3Vg-000DxX-Ry@fasolo.debian.org>

Source: virglrenderer
Source-Version: 0.6.0-2

We believe that the bug you reported is fixed in the latest version of
virglrenderer, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 872884@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Adam Borowski <kilobyte@angband.pl> (supplier of updated virglrenderer package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 25 Aug 2017 03:12:15 +0200
Source: virglrenderer
Binary: libvirglrenderer0 libvirglrenderer-dev
Architecture: source
Version: 0.6.0-2
Distribution: unstable
Urgency: medium
Maintainer: Debian QA Group <packages@qa.debian.org>
Changed-By: Adam Borowski <kilobyte@angband.pl>
Description:
 libvirglrenderer-dev - virtual GPU for KVM virtualization - headers
 libvirglrenderer0 - virtual GPU for KVM virtualization
Closes: 872884
Changes:
 virglrenderer (0.6.0-2) unstable; urgency=medium
 .
   * QA upload.
   * Apply upstream fix for CVE-2017-6386 (guest exhausting host memory).
     Closes: #872884
Checksums-Sha1:
 124e65311dea262489d86e3b3b1020d2c6773dcd 1724 virglrenderer_0.6.0-2.dsc
 111cb87b384d5cd81e9496c11ba11c20dc686771 4512 virglrenderer_0.6.0-2.debian.tar.xz
 5ffa6150a5671d27744ef7d655e31a604d3fe8a7 5726 virglrenderer_0.6.0-2_source.buildinfo
Checksums-Sha256:
 a48fce688d9f71430f56c0a240a4e29a4ec4835257a41e716d3ae9b7924d93da 1724 virglrenderer_0.6.0-2.dsc
 4a4236eb8a556184d5b3d1fccdbf42361aa009478743a301b521ee3ff9547d17 4512 virglrenderer_0.6.0-2.debian.tar.xz
 7d764660cb2a1ce0e6f7dfdca09205230590036e22f6b8085afb71efbd0b4623 5726 virglrenderer_0.6.0-2_source.buildinfo
Files:
 c81261c0ecc72e12af70574558f992f4 1724 libs extra virglrenderer_0.6.0-2.dsc
 65e7c88a18d43944f4e3b6953d190cb5 4512 libs extra virglrenderer_0.6.0-2.debian.tar.xz
 ba82816beadd2b3909eed6ad48be9ffb 5726 libs extra virglrenderer_0.6.0-2_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQEzBAEBCgAdFiEE/Zzi2Nd1S3irJ5u9LDtDb+rGgQEFAlmfeo4ACgkQLDtDb+rG
gQFk3gf/XKGybXgT26t+TU5KybQBLgO0p140ZkehzjHtyLCgVoAb+K89VXl3CtSO
uwpkOYsgKVuIuBo1z1IshZjGPBrvTmJ9p40rUR61hWzXUsaww6WJa83j8mrzMiNy
99JdA5i2mr+laHSzpYDtFTsNdU+epR8lC7aYXpQDsM+nEV1LE347tblamvEj3iKu
2P8TRtv0rS/v9qMcKahb3ZV8h1Wc2DnIVQqV/b+A+Q19blypsPihS5YSksnMHY0J
uLOZAL75keVIi1Rw53VQnaKyqkeot4svnOIUu2UPRS1+rxD0JgIfjq+c8FTTIXza
MY0ycAkum27hVDrOqeyaparHgjJEsA==
=3MIr
-----END PGP SIGNATURE-----

--- End Message ---

Reply to:

Prev by Date: glew_2.0.0-5_source.changes ACCEPTED into unstable
Next by Date: Processing of virglrenderer_0.6.0-2_source.changes
Previous by thread: glew_2.0.0-5_source.changes ACCEPTED into unstable
Next by thread: Processing of virglrenderer_0.6.0-2_source.changes
Index(es):
- Date
- Thread