Bug#779550: marked as done (qt4-x11: CVE-2015-0295)

To: Dmitry Shachnev <mitya57@debian.org>
Subject: Bug#779550: marked as done (qt4-x11: CVE-2015-0295)
From: owner@bugs.debian.org (Debian Bug Tracking System)
Date: Tue, 03 Mar 2015 09:27:10 +0000
Message-id: <[🔎] handler.779550.D779550.14253747091299.ackdone@bugs.debian.org>
References: <E1YSj4d-0006UT-Hu@franck.debian.org> <[🔎] 20150302065809.1630.65379.reportbug@m25s06.vlinux.de>

Your message dated Tue, 03 Mar 2015 09:25:07 +0000
with message-id <E1YSj4d-0006UT-Hu@franck.debian.org>
and subject line Bug#779550: fixed in qt4-x11 4:4.8.6+git64-g5dc8b2b+dfsg-3
has caused the Debian Bug report #779550,
regarding qt4-x11: CVE-2015-0295
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
779550: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779550
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: Debian Bug Tracking System <submit@bugs.debian.org>

Subject: qt4-x11: CVE-2015-0295

From: Moritz Muehlenhoff <jmm@inutil.org>

Date: Mon, 02 Mar 2015 07:58:09 +0100

Message-id: <[🔎] 20150302065809.1630.65379.reportbug@m25s06.vlinux.de>
Package: qt4-x11
Severity: important
Tags: security
Justification: user security hole

Hi,
please see http://lists.qt-project.org/pipermail/announce/2015-February/000059.html
for details and a patch.

Cheers,
        Moritz
--- End Message ---

--- Begin Message ---

To: 779550-close@bugs.debian.org
Subject: Bug#779550: fixed in qt4-x11 4:4.8.6+git64-g5dc8b2b+dfsg-3
From: Dmitry Shachnev <mitya57@debian.org>
Date: Tue, 03 Mar 2015 09:25:07 +0000
Message-id: <E1YSj4d-0006UT-Hu@franck.debian.org>

Source: qt4-x11
Source-Version: 4:4.8.6+git64-g5dc8b2b+dfsg-3

We believe that the bug you reported is fixed in the latest version of
qt4-x11, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 779550@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Dmitry Shachnev <mitya57@debian.org> (supplier of updated qt4-x11 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Mon, 02 Mar 2015 17:12:28 +0300
Source: qt4-x11
Binary: libqtcore4 qtcore4-l10n libqt4-core libqtgui4 libqt4-gui libqt4-network libqt4-opengl libqt4-script libqt4-scripttools libqt4-sql libqt4-sql-ibase libqt4-sql-mysql libqt4-sql-odbc libqt4-sql-psql libqt4-sql-sqlite libqt4-sql-sqlite2 libqt4-sql-tds libqt4-svg libqt4-webkit libqt4-xml libqt4-xmlpatterns libqt4-dbus libqtdbus4 libqt4-qt3support libqt4-designer libqt4-help libqt4-assistant libqt4-test libqt4-phonon libqt4-declarative libqt4-declarative-folderlistmodel libqt4-declarative-gestures libqt4-declarative-particles libqt4-declarative-shaders libqt4-dev libqt4-dev-bin libqt4-private-dev libqt4-opengl-dev libqt4-dbg libqt4-designer-dbg libqt4-qt3support-dbg libqt4-script-dbg libqt4-webkit-dbg libqt4-xmlpatterns-dbg qt4-bin-dbg qt4-demos-dbg qt4-designer qt4-dev-tools qt4-qmake qt4-qtconfig qt4-demos qt4-qmlviewer qt4-linguist-tools qdbus qt4-doc qt4-doc-html qt4-default
Architecture: source all
Version: 4:4.8.6+git64-g5dc8b2b+dfsg-3
Distribution: unstable
Urgency: medium
Maintainer: Debian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
Changed-By: Dmitry Shachnev <mitya57@debian.org>
Description:
 libqt4-assistant - transitional package for Qt 4 assistant module
 libqt4-core - transitional package for Qt 4 core non-GUI runtime libraries
 libqt4-dbg - Qt 4 library debugging symbols
 libqt4-dbus - Qt 4 D-Bus module
 libqt4-declarative - Qt 4 Declarative module
 libqt4-declarative-folderlistmodel - Qt 4 folderlistmodel QML plugin
 libqt4-declarative-gestures - Qt 4 gestures QML plugin
 libqt4-declarative-particles - Qt 4 particles QML plugin
 libqt4-declarative-shaders - Qt 4 shaders QML plugin
 libqt4-designer - Qt 4 designer module
 libqt4-designer-dbg - Qt 4 designer library debugging symbols
 libqt4-dev - Qt 4 development files
 libqt4-dev-bin - Qt 4 development programs
 libqt4-gui - transitional package for Qt 4 GUI runtime libraries
 libqt4-help - Qt 4 help module
 libqt4-network - Qt 4 network module
 libqt4-opengl - Qt 4 OpenGL module
 libqt4-opengl-dev - Qt 4 OpenGL library development files
 libqt4-phonon - Qt 4 Phonon module
 libqt4-private-dev - Qt 4 private development files
 libqt4-qt3support - Qt 3 compatibility library for Qt 4
 libqt4-qt3support-dbg - Qt 3 compatibility library for Qt 4 debugging symbols
 libqt4-script - Qt 4 script module
 libqt4-script-dbg - Qt 4 script library debugging symbols
 libqt4-scripttools - Qt 4 script tools module
 libqt4-sql - Qt 4 SQL module
 libqt4-sql-ibase - Qt 4 InterBase/FireBird database driver
 libqt4-sql-mysql - Qt 4 MySQL database driver
 libqt4-sql-odbc - Qt 4 ODBC database driver
 libqt4-sql-psql - Qt 4 PostgreSQL database driver
 libqt4-sql-sqlite - Qt 4 SQLite 3 database driver
 libqt4-sql-sqlite2 - Qt 4 SQLite 2 database driver
 libqt4-sql-tds - Qt 4 FreeTDS database driver
 libqt4-svg - Qt 4 SVG module
 libqt4-test - Qt 4 test module
 libqt4-webkit - transitional package for Qt 4 WebKit module
 libqt4-webkit-dbg - transitional package for Qt 4 WebKit debugging symbols
 libqt4-xml - Qt 4 XML module
 libqt4-xmlpatterns - Qt 4 XML patterns module
 libqt4-xmlpatterns-dbg - Qt 4 XML patterns library debugging symbols
 libqtcore4 - Qt 4 core module
 libqtdbus4 - Qt 4 D-Bus module library
 libqtgui4  - Qt 4 GUI module
 qdbus      - Qt 4 D-Bus tool
 qt4-bin-dbg - Qt 4 binaries debugging symbols
 qt4-default - Qt 4 development defaults package
 qt4-demos  - Qt 4 examples and demos
 qt4-demos-dbg - Qt 4 examples and demos debugging symbols
 qt4-designer - graphical designer for Qt 4 applications
 qt4-dev-tools - Qt 4 development tools
 qt4-doc    - Qt 4 API documentation
 qt4-doc-html - Qt 4 API documentation (HTML format)
 qt4-linguist-tools - Qt 4 Linguist tools
 qt4-qmake  - Qt 4 qmake Makefile generator tool
 qt4-qmlviewer - Qt 4 QML viewer
 qt4-qtconfig - Qt 4 configuration tool
 qtcore4-l10n - Qt 4 core module translations
Closes: 779550
Changes:
 qt4-x11 (4:4.8.6+git64-g5dc8b2b+dfsg-3) unstable; urgency=medium
 .
   * Team upload.
   * Fix CVE-2015-0295 (DoS vulnerability in BMP images handler).
     Closes: #779550.
Checksums-Sha1:
 5f55f1e483563bbddbc9afb2e1ca46a0562b274b 6504 qt4-x11_4.8.6+git64-g5dc8b2b+dfsg-3.dsc
 3c116d2ad3620ecefed3c4c66dce816ab1bbcd5c 313692 qt4-x11_4.8.6+git64-g5dc8b2b+dfsg-3.debian.tar.xz
 cf5b452b546d2d87352414c494cd7a75c889b4dc 652174 qtcore4-l10n_4.8.6+git64-g5dc8b2b+dfsg-3_all.deb
 658e21b6ec9797843210f0076b87f00a856c8691 95886138 qt4-doc_4.8.6+git64-g5dc8b2b+dfsg-3_all.deb
 6e8522ba1248a000efa9350404e36b2c92f6925d 45252538 qt4-doc-html_4.8.6+git64-g5dc8b2b+dfsg-3_all.deb
Checksums-Sha256:
 b707993c7a917b9eb490bc28b8d580a084a2c872a08e4244bd2e9d794d0c211c 6504 qt4-x11_4.8.6+git64-g5dc8b2b+dfsg-3.dsc
 4d19f0699e723e635fadd774557564c7d392c812b49f688684781a461c6c29ab 313692 qt4-x11_4.8.6+git64-g5dc8b2b+dfsg-3.debian.tar.xz
 b0c4cb85a95184c1b703c73aa586c7ad5fd2c3c5b1e13b171ee773cdc5f48d7c 652174 qtcore4-l10n_4.8.6+git64-g5dc8b2b+dfsg-3_all.deb
 b81d7dd93dc1e2285c556e5d86f63cc1234133c376705237e477e938cb254239 95886138 qt4-doc_4.8.6+git64-g5dc8b2b+dfsg-3_all.deb
 39cb7ff595e93957cf4026cf9a6fb349a894f6dbba267cb99056b3d295bd7376 45252538 qt4-doc-html_4.8.6+git64-g5dc8b2b+dfsg-3_all.deb
Files:
 39c119b401e1c08f77c912fe3e31a6b9 6504 libs optional qt4-x11_4.8.6+git64-g5dc8b2b+dfsg-3.dsc
 c28fc1c45c4fd36f192d52cfd9dc56a5 313692 libs optional qt4-x11_4.8.6+git64-g5dc8b2b+dfsg-3.debian.tar.xz
 d78240d3c7e18912c547389279e7c455 652174 libs optional qtcore4-l10n_4.8.6+git64-g5dc8b2b+dfsg-3_all.deb
 b192c9d7a1f1b187571cd0cb5226791a 95886138 doc optional qt4-doc_4.8.6+git64-g5dc8b2b+dfsg-3_all.deb
 85ea826cba2632a632733e5e9f09e071 45252538 doc optional qt4-doc-html_4.8.6+git64-g5dc8b2b+dfsg-3_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJU9VzcAAoJENb+cQNj+F3Tf8UQAJRAEA3xZNCi7Zk2N2ogxcUc
yOy5l80Fj9afzLFKqlXZ+djOsBuE6FmrniU85+uOLL1yqi+0OrjoyOWbR8SUcoyO
DkpZxINlKzcIXXJBhqOF/RN/E1eo/3oicSdgzBv4u8LBk4TrtL7l6SxuUH5lhEJs
xoFUfogutFATJtAtM/xWF+3Eqwqi+VxaomTCIUIS2oAZIgJPztjhCghvgWRg8oH7
IyZPgPowqEaEMTH305IFg0sDdrOD64p4A/FmhmvORBzoovphJ6BsmY/doKKCKbSX
No2pDmW+hfHypGM4fH4xKu8zb7yJfZF5XMObfYq9gzmvfIBqybsRgsNrxPYkwSzj
8X6P/kE505dgVah59haV0KuYvM5uRsdKAjGwfhWYb3C8uQXfKkv+HzPBGp460mXm
Mv2j1hrY2nXyGYKQhKdsXz6fWGmQ/rWHDi7nvG7Ut5TpXHez0sligAgfZAqmfn/y
ioVdJQVUcypxQyl02kBIXzIaWhm+8nzEUbC7aeQIrqJN8GSvGg+dUwVynzIqjQUy
qV5Tc8+By1N/SwLfZXlt2EMm3bDBvm6s039LVMbZNgFxM6fLEWb/Cdaj0PrFu3NG
yl42uCuObPyAc3m+r4JXMWz/tm5o/duM//RndLBaVOKWlp/Qtl94VY9/euxyKr4l
ZkRxEBgMzRpwEe8z12NP
=FEb6
-----END PGP SIGNATURE-----

--- End Message ---

Reply to:

References:
- Bug#779550: qt4-x11: CVE-2015-0295
  - From: Moritz Muehlenhoff <jmm@inutil.org>

Prev by Date: Processing of qt4-x11_4.8.6+git64-g5dc8b2b+dfsg-3_amd64.changes
Next by Date: qt4-x11_4.8.6+git64-g5dc8b2b+dfsg-3_amd64.changes ACCEPTED into unstable
Previous by thread: Bug#779550: qt4-x11: CVE-2015-0295
Next by thread: Bug#779580: marked as done (qtbase-opensource-src: CVE-2015-0295)
Index(es):
- Date
- Thread