Bug#986214: marked as done (ircii: CVE-2021-29376)
Your message dated Sun, 30 May 2021 18:32:07 +0000
with message-id <E1lnQEJ-0008t1-M9@fasolo.debian.org>
and subject line Bug#986214: fixed in ircii 20190117-1+deb10u1
has caused the Debian Bug report #986214,
regarding ircii: CVE-2021-29376
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)
--
986214: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986214
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: ircii: CVE-2021-29376
- From: Salvatore Bonaccorso <carnil@debian.org>
- Date: Wed, 31 Mar 2021 20:59:17 +0200
- Message-id: <161721715753.22169.4947676749574017231.reportbug@eldamar.lan>
Source: ircii
Version: 20190117-1
Severity: grave
Tags: security upstream
X-Debbugs-Cc: carnil@debian.org, Debian Security Team <team@security.debian.org>
Control: clone -1 -2
Control: reassign -2 src:scrollz 2.2.3-1
Control: retitle -2 scrollz: CVE-2021-29376
The following vulnerability was published for ircii.
CVE-2021-29376[0]:
| ircII before 20210314 allows remote attackers to cause a denial of
| service (segmentation fault and client crash, disconnecting the victim
| from an IRC server) via a crafted CTCP UTC message.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2021-29376
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29376
[1] https://www.openwall.com/lists/oss-security/2021/03/24/2
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: ircii
Source-Version: 20190117-1+deb10u1
Done: Håvard Flaget Aasen <haavard_aasen@yahoo.no>
We believe that the bug you reported is fixed in the latest version of
ircii, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 986214@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Håvard Flaget Aasen <haavard_aasen@yahoo.no> (supplier of updated ircii package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Fri, 14 May 2021 01:51:43 +0200
Source: ircii
Architecture: source
Version: 20190117-1+deb10u1
Distribution: buster
Urgency: medium
Maintainer: Debian QA Group <packages@qa.debian.org>
Changed-By: Håvard Flaget Aasen <haavard_aasen@yahoo.no>
Closes: 986214
Changes:
ircii (20190117-1+deb10u1) buster; urgency=medium
.
* QA upload.
* Fix CVE-2021-29376: allows remote attackers to cause a denial of
service (segmentation fault and client crash, disconnecting
the victim from an IRC server) via a crafted CTCP UTC message.
Closes: #986214
Checksums-Sha1:
2e5f1c46cd499c019026cee43f0e5e63542fdba2 1873 ircii_20190117-1+deb10u1.dsc
918923f7378d762052ed1950b14302dbfe23cd55 12924 ircii_20190117-1+deb10u1.debian.tar.xz
c7de175ac6133d4131394cad5da3ab6da3a2856a 5732 ircii_20190117-1+deb10u1_source.buildinfo
Checksums-Sha256:
535df42f967b410662f675ce74a708ea6cb4c4d2c4333f0f28dc65c5628836e3 1873 ircii_20190117-1+deb10u1.dsc
66b8326be7e7ea8817bb9600f088a197fbcbbbc359cd96a3dd4c2a06b9e420ac 12924 ircii_20190117-1+deb10u1.debian.tar.xz
897051087f7908fcaa08e80c3975938332c59edd2b73b4d0f23d8fa4fecc8df9 5732 ircii_20190117-1+deb10u1_source.buildinfo
Files:
2df95f570d011411d40b4505c9b781bf 1873 net optional ircii_20190117-1+deb10u1.dsc
ee0680f6264124c5fdf0e841f14536ff 12924 net optional ircii_20190117-1+deb10u1.debian.tar.xz
0382d9abcd82f765622f08c4653fc346 5732 net optional ircii_20190117-1+deb10u1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEE/d0M/zhkJ3YwohhskWT6HRe9XTYFAmCyZWQACgkQkWT6HRe9
XTbXyA/+JWa6iFZpJ9kE+mt2uXWK3DMvrVg7C9Ld+ZHRxQUAmqNUpS/UPsJYEa3t
i/nwz1oKkSpARhfGZC9A95tYfEdFIZETdBceg8lFZDixcodyqromuKsXWm3IQxqj
a89aqeFBagSbvRIOGHrRRaT8jtrB23WQX8gCx1On4kzIQc5k6y91QKdNWVN5Mfmu
sP/pjgqX2sI3F80YsAS5m1QbQHZ8W+B4nqIjZbgcNWjxXHFR1FD8Ler+hlTbAsTI
1yUGTbWFoa2vZNS+LMcpwTF0BggzB4r74VAGqQm8u66MD2wQTVpsUG6Ym5+ErDma
Qm8Gby9Fo+K1W64Xt9+DjogkPeONBfM/ZKzogdGUIi8YtrjGKMRklHXcTqrQqrSp
F3Gn3KfSFNL1Tlxs98rBA4Ftl/5/UGQ7yb9A73eG+ZviPUoL8vS+mwkbqxOApPkH
6pM97eMkWOetaopD2t0YxIKVn9ZmIpK/8Wa8GjT6h4NRuWGxYAKC5cXD77Lxcdt3
BPoNIC4Ze2CQRbBsFJazFOqI0+dHyRJz7gV4rAAWxDMe6sE0AFandK3vLtzJcf2m
vRDm7alwki6O5mLOOmi+tm5iCQNX2QX+rPuZsVXhbqulqPFMH1UfM66bsczIlKzC
39gr/4Qd56FWDb3utKwUPsOH2ABc6BX2Dvd6xyyy7kvRKs7eVgY=
=glHx
-----END PGP SIGNATURE-----
--- End Message ---
Reply to: