Bug#839865: marked as done (kde-cli-tools: CVE-2016-7787)
Your message dated Fri, 07 Oct 2016 13:05:08 +0000
with message-id <E1bsUpo-00089K-WE@franck.debian.org>
and subject line Bug#839865: fixed in kde-cli-tools 4:5.8.0-1
has caused the Debian Bug report #839865,
regarding kde-cli-tools: CVE-2016-7787
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)
--
839865: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=839865
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Source: kde-cli-tools
Version: 4:5.7.4-1
Severity: important
Tags: security upstream patch fixed-upstream
Hi,
the following vulnerability was published for kde-cli-tools.
CVE-2016-7787[0]:
kdesu: Displayed command truncated by unicode string terminator
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2016-7787
[1] https://www.kde.org/info/security/advisory-20160930-1.txt
Please adjust the affected versions in the BTS as needed. I'm not sure
if kde-runtime is as well affected (it looks source wise, since the
same file can be patched).
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
- To: 839865-close@bugs.debian.org
- Subject: Bug#839865: fixed in kde-cli-tools 4:5.8.0-1
- From: Maximiliano Curia <maxy@debian.org>
- Date: Fri, 07 Oct 2016 13:05:08 +0000
- Message-id: <E1bsUpo-00089K-WE@franck.debian.org>
Source: kde-cli-tools
Source-Version: 4:5.8.0-1
We believe that the bug you reported is fixed in the latest version of
kde-cli-tools, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 839865@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Maximiliano Curia <maxy@debian.org> (supplier of updated kde-cli-tools package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 07 Oct 2016 14:02:03 +0200
Source: kde-cli-tools
Binary: kde-cli-tools kde-cli-tools-data
Architecture: source
Version: 4:5.8.0-1
Distribution: unstable
Urgency: medium
Maintainer: Debian/Kubuntu Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
Changed-By: Maximiliano Curia <maxy@debian.org>
Description:
kde-cli-tools - tools to use KDE services from the command line
kde-cli-tools-data - tools to use kioslaves from the command line
Closes: 839865
Changes:
kde-cli-tools (4:5.8.0-1) unstable; urgency=medium
.
[ Automatic packaging ]
* Update build-deps and deps with the info from cmake
.
[ Harald Sitter ]
* bdep on pkg-config as per upstream cmake checks
.
[ Maximiliano Curia ]
* New upstream release. (Closes: #839865)
- Fixes CVE-2016-7787
https://security-tracker.debian.org/tracker/CVE-2016-7787
* Replace dbus-launch with dbus-run-session in tests
* Bump group breaks (5.8)
Checksums-Sha1:
a0c5c6da6214b8403d9daa86abb1b8ce95e1124c 2668 kde-cli-tools_5.8.0-1.dsc
3534e52c97f2f7eaa433d262e9d9ded503863aa1 485448 kde-cli-tools_5.8.0.orig.tar.xz
ae06e13b7d001badf1e1cda0f81198459d1d6c19 6840 kde-cli-tools_5.8.0-1.debian.tar.xz
Checksums-Sha256:
15e067e458c8d3bde4cb8bd871602683ce47437757b369903b306799d5bdc56b 2668 kde-cli-tools_5.8.0-1.dsc
8561295ef8892d947a91b25cb4cddbb6c5cc40b39657a6cfc6fe4cfd98e728a6 485448 kde-cli-tools_5.8.0.orig.tar.xz
1b0f47d555713fb7bcc18f6793252bd51bd6286009e2f8104b211dc528c17cee 6840 kde-cli-tools_5.8.0-1.debian.tar.xz
Files:
7a45715acedcdb2227302e52d48d4d57 2668 utils optional kde-cli-tools_5.8.0-1.dsc
bbd1e8fbb1965b2675d787b6dcfedafe 485448 utils optional kde-cli-tools_5.8.0.orig.tar.xz
e4b0364c9d8659e4d567c6048557c104 6840 utils optional kde-cli-tools_5.8.0-1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJX95jBAAoJEMcZdpmymyMqfMsP/337D4XNq8VrxPxif+TO3B1v
wfW7LKSNwRxLNyN2GzKLqxQlB2tJTw+ezbz8TIyUGD9FHoyW5kEhoyG6r1kcORPk
VdrYzmmCQrp0ER1r2dP8W/aKG7tvKeQ3m8lUqS2l7bv/R+BXJDZ6r6QmgoJJJb2B
A6LWRIke5IgQao61DvhQhmMgwUGRXQ5idEGmwtEq4v/nb6U2PbJJ/o0bGIpXqgW1
hP5JCC+IlYhY7uxlcgqW0/dG3nwrWiS2ZEFaNuesp8Q/HbTS6lFO7dLQQrGCIL3O
/SBzoAY7kw4krv769cXonL5U5M9GHDQyDt6yr+HE3TD+P174ohyBm9qj/iFbui3T
LCP7nGkbBMdHYE/DYKxp/23PGGPg+Cji3fxeSY0gKbHB7L3FyspC34KDKb2iAQEL
mMhT+lGX4EPvkFsyvh5xIiIjaZ42vSNFvvIwFIGPrcU2s4sO9M/8K7XGywhEKdgX
KPnsb7WmnigYC43eQLG2B8wOcOOhOwzHWjXQuoZjMWJbXdnhmf+ODZL8a3d1KMO7
GUhpg/2e7NgF0c22cf7cDDeYrc+BzfSG4IV7f2FjSm66udngRl6fLtrxwub7xyqN
JYh7sPtSVkI9DfXn0JDeLpKeVTXuNSvAZvQfLNe43xASVEFDgJOBUkYQ7LqSG67Y
TZsowdjastzmKu4b3LYz
=CXsz
-----END PGP SIGNATURE-----
--- End Message ---
Reply to: