Bug#280373: marked as done (kfax libtiff vulnerabilities)
Your message dated Mon, 3 Jan 2005 21:59:38 -0800
with message-id <20050104055934.GF17970@mauritius.dodds.net>
and subject line KDE 3.3.1 in sarge, closes many RC bugs
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 8 Nov 2004 23:37:31 +0000
>From amu@tr.debian.net Mon Nov 08 15:37:31 2004
Return-path: <amu@tr.debian.net>
Received: from n6-75.dsl.vianetworks.de (bofh.debian.net) [194.77.152.75]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1CRJ4l-0002ap-00; Mon, 08 Nov 2004 15:37:31 -0800
Received: by bofh.debian.net (Postfix, from userid 1000)
id C56069232B; Tue, 9 Nov 2004 00:37:55 +0100 (CET)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Andreas Mueller <amu@tr.debian.net>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: kfax libtiff vulnerabilities
X-Mailer: reportbug 3.1
Date: Tue, 09 Nov 2004 00:37:55 +0100
Message-Id: <20041108233755.C56069232B@bofh.debian.net>
Delivered-To: submit@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE
autolearn=no version=2.60-bugs.debian.org_2004_03_25
X-Spam-Level:
Package: kfax
Version: 4:3.3.1-1
Severity: normal
-- cut from the inoffical KDE Security Advisory --
kfax, a small utility for displaying fax files, contains
for historic reasons a private copy of libtiff.
Therefore it is vulnerable to these issues as well.
As a workaround, you can remove the kfax binary and the
kfax_multipage KPart from your system to be on the safe
side. A new package is now on ktown.
This issue is already sort-of public because Red Hat already announced
it as part of their kdegraphics update.
Cheers,
amu
---------------------------------------
Received: (at 280373-done) by bugs.debian.org; 4 Jan 2005 05:59:38 +0000
>From vorlon@debian.org Mon Jan 03 21:59:38 2005
Return-path: <vorlon@debian.org>
Received: from dsl093-039-086.pdx1.dsl.speakeasy.net (localhost.localdomain) [66.93.39.86]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1ClhjG-0002gy-00; Mon, 03 Jan 2005 21:59:38 -0800
Received: by localhost.localdomain (Postfix, from userid 1000)
id C24BD1720C5; Mon, 3 Jan 2005 21:59:38 -0800 (PST)
Date: Mon, 3 Jan 2005 21:59:38 -0800
From: Steve Langasek <vorlon@debian.org>
To: 282352-done@bugs.debian.org, 285126-done@bugs.debian.org,
271256-done@bugs.debian.org, 286510-done@bugs.debian.org,
282364-done@bugs.debian.org, 282232-done@bugs.debian.org,
280373-done@bugs.debian.org, 252670-done@bugs.debian.org,
278173-done@bugs.debian.org, 287080-done@bugs.debian.org,
253701-done@bugs.debian.org, 247243-done@bugs.debian.org,
282257-done@bugs.debian.org
Cc: debian-release@lists.debian.org
Subject: KDE 3.3.1 in sarge, closes many RC bugs
Message-ID: <20050104055934.GF17970@mauritius.dodds.net>
Mail-Followup-To: 282352-done@bugs.debian.org,
285126-done@bugs.debian.org, 271256-done@bugs.debian.org,
286510-done@bugs.debian.org, 282364-done@bugs.debian.org,
282232-done@bugs.debian.org, 280373-done@bugs.debian.org,
252670-done@bugs.debian.org, 278173-done@bugs.debian.org,
287080-done@bugs.debian.org, 253701-done@bugs.debian.org,
247243-done@bugs.debian.org, 282257-done@bugs.debian.org,
debian-release@lists.debian.org
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="m1UC1K4AOz1Ywdkx"
Content-Disposition: inline
User-Agent: Mutt/1.5.6+20040907i
Delivered-To: 280373-done@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-5.0 required=4.0 tests=BAYES_00,VALID_BTS_CONTROL
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
X-CrossAssassin-Score: 7
--m1UC1K4AOz1Ywdkx
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
tags 285126 -sarge
tags 271256 -sarge
tags 285126 -sarge
tags 252670 -sarge
tags 278173 +sid
tags 253701 -sarge
tags 247243 -sarge
thanks
KDE 3.3 has been accepted into testing and should be visible from the
mirrors starting tomorrow. I believe all of these RC bugs can therefore be
closed.
Many thanks to the KDE team for their efforts in making this happen, and to
Anthony Towns for handholding britney through the transition.
--=20
Steve Langasek
postmodern programmer
--m1UC1K4AOz1Ywdkx
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFB2jDGKN6ufymYLloRAvK1AKCt069o1WpYMZLD2v/FBkFDeD+9HQCfclW7
9IlwTEOC5hGQTBoHmwTUHYQ=
=GV3v
-----END PGP SIGNATURE-----
--m1UC1K4AOz1Ywdkx--
Reply to: