Your message dated Sat, 05 Sep 2015 14:33:54 +0100 with message-id <1441460034.2151.33.camel@adam-barratt.org.uk> and subject line Closing bugs for 7.9 has caused the Debian Bug report #780471, regarding wheezy-pu: package mdbtools/0.7-1+deb7u2 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 780471: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780471 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: wheezy-pu: package mdbtools/0.7-1+deb7u2
- From: Jean-Michel Nirgal Vourgère <jmv_deb@nirgal.com>
- Date: Sat, 14 Mar 2015 15:36:21 +0000
- Message-id: <55045575.2030208@nirgal.com>
Package: release.debian.org User: release.debian.org@packages.debian.org Usertags: pu Tags: wheezy Severity: normal Dear RT, Here are a couple of jessie patches, cherry-picked from upstream, that I believe are worth having in wheezy: * memo_zero_len_multipage fixes a buffer overflow while handling some memo fields. * bin_output_fix fixes blob output, because of a source destination inversion in a memcpy. Attached is a debdiff of 0.7-1+deb7u2 against 0.7-1+deb7u1. Can I upload it to stable ? -- System Information: Debian Release: 8.0 APT prefers testing APT policy: (990, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init)diff -Nru mdbtools-0.7/debian/changelog mdbtools-0.7/debian/changelog --- mdbtools-0.7/debian/changelog 2015-03-14 16:27:10.000000000 +0100 +++ mdbtools-0.7/debian/changelog 2015-03-14 16:33:12.000000000 +0100 @@ -1,3 +1,11 @@ +mdbtools (0.7-1+deb7u2) wheezy; urgency=medium + + * memo_zero_len_multipage: Fix overflow in some memo fields. Thanks to + lovelytwo@github. + * bin_output_fix: Fix output of binary data. Thanks to tyzhaoqi. + + -- Jean-Michel Nirgal Vourgère <jmv_deb@nirgal.com> Sat, 14 Mar 2015 16:33:09 +0100 + mdbtools (0.7-1+deb7u1) wheezy; urgency=low * Version libiodbc Breaks now that it can load multiarch drivers, drop diff -Nru mdbtools-0.7/debian/patches/bin_output_fix mdbtools-0.7/debian/patches/bin_output_fix --- mdbtools-0.7/debian/patches/bin_output_fix 1970-01-01 01:00:00.000000000 +0100 +++ mdbtools-0.7/debian/patches/bin_output_fix 2015-03-14 16:33:04.000000000 +0100 @@ -0,0 +1,19 @@ +Description: Fix binary outout +Author: tyzhaoqi <tyzhaoqi@gmail.com> +Last-Update: 2014-07-24 +Reviewed-by: Jean-Michel Vourgère <jmv_deb@nirgal.com> +Applied-Upstream: commit:9ab40e83e6789015c965c92bdb62f92f8cdd0dbd + +Index: mdbtools/src/libmdb/data.c +=================================================================== +--- mdbtools.orig/src/libmdb/data.c ++++ mdbtools/src/libmdb/data.c +@@ -931,7 +931,7 @@ char *mdb_col_to_string(MdbHandle *mdb, + text = g_strdup(""); + } else { + text = g_malloc(size); +- memcpy((char*)buf+start, text, size); ++ memcpy(text, (char*)buf+start, size); + } + break; + case MDB_TEXT: diff -Nru mdbtools-0.7/debian/patches/memo_zero_len_multipage mdbtools-0.7/debian/patches/memo_zero_len_multipage --- mdbtools-0.7/debian/patches/memo_zero_len_multipage 1970-01-01 01:00:00.000000000 +0100 +++ mdbtools-0.7/debian/patches/memo_zero_len_multipage 2015-03-14 16:33:04.000000000 +0100 @@ -0,0 +1,29 @@ +Description: Segfault fix on memo zero length multiple page + . + While converting memo field to string, stop processing on zero length + multiple page. +Author: lovelytwo <> +Reviewed-by: Jean-Michel Vourgère <jmv_deb@nirgal.com> +Last-Update: 2014-05-02 +Applied-Upstream: commit:a89baeacf5976daf196e6f902fa84ca176d399db + +Index: mdbtools/src/libmdb/data.c +=================================================================== +--- mdbtools.orig/src/libmdb/data.c ++++ mdbtools/src/libmdb/data.c +@@ -732,9 +732,13 @@ static char *mdb_memo_to_string(MdbHandl + printf("row num %d start %d len %d\n", + pg_row & 0xff, row_start, len); + #endif +- if (tmpoff + len - 4 > memo_len) { ++ if (tmpoff + len - 4 > memo_len) + break; +- } ++ ++ /* Stop processing on zero length multiple page memo fields */ ++ if (!len) ++ break; ++ + memcpy(tmp + tmpoff, buf + row_start + 4, len - 4); + tmpoff += len - 4; + } while (( pg_row = mdb_get_int32(buf, row_start) )); diff -Nru mdbtools-0.7/debian/patches/series mdbtools-0.7/debian/patches/series --- mdbtools-0.7/debian/patches/series 2015-03-14 16:27:10.000000000 +0100 +++ mdbtools-0.7/debian/patches/series 2015-03-14 16:33:04.000000000 +0100 @@ -3,3 +3,5 @@ export_repid_uuid_as_string_use_char_38_in_mysql gmdb2_double_free binaries_to_string +memo_zero_len_multipage +bin_output_fixAttachment: signature.asc
Description: OpenPGP digital signature
--- End Message ---
--- Begin Message ---
- To: 725661-done@bugs.debian.org, 770955-done@bugs.debian.org, 773796-done@bugs.debian.org, 774773-done@bugs.debian.org, 774820-done@bugs.debian.org, 774850-done@bugs.debian.org, 774921-done@bugs.debian.org, 775380-done@bugs.debian.org, 775603-done@bugs.debian.org, 775664-done@bugs.debian.org, 775825-done@bugs.debian.org, 776095-done@bugs.debian.org, 776734-done@bugs.debian.org, 776781-done@bugs.debian.org, 776884-done@bugs.debian.org, 777046-done@bugs.debian.org, 777047-done@bugs.debian.org, 777372-done@bugs.debian.org, 777553-done@bugs.debian.org, 778622-done@bugs.debian.org, 779083-done@bugs.debian.org, 779622-done@bugs.debian.org, 779926-done@bugs.debian.org, 780191-done@bugs.debian.org, 780471-done@bugs.debian.org, 780798-done@bugs.debian.org, 780924-done@bugs.debian.org, 781281-done@bugs.debian.org, 781406-done@bugs.debian.org, 781542-done@bugs.debian.org, 781885-done@bugs.debian.org, 781965-done@bugs.debian.org, 782042-done@bugs.debian.org, 782165-done@bugs.debian.org, 782409-done@bugs.debian.org, 782600-done@bugs.debian.org, 782663-done@bugs.debian.org, 782848-done@bugs.debian.org, 783659-done@bugs.debian.org, 783749-done@bugs.debian.org, 784102-done@bugs.debian.org, 785155-done@bugs.debian.org, 785348-done@bugs.debian.org, 785735-done@bugs.debian.org, 786691-done@bugs.debian.org, 786830-done@bugs.debian.org, 786919-done@bugs.debian.org, 787076-done@bugs.debian.org, 787403-done@bugs.debian.org, 787933-done@bugs.debian.org, 787947-done@bugs.debian.org, 788064-done@bugs.debian.org, 788242-done@bugs.debian.org, 788558-done@bugs.debian.org, 788664-done@bugs.debian.org, 790692-done@bugs.debian.org, 790940-done@bugs.debian.org, 793028-done@bugs.debian.org, 794962-done@bugs.debian.org, 795166-done@bugs.debian.org, 795892-done@bugs.debian.org, 797079-done@bugs.debian.org, 797213-done@bugs.debian.org
- Subject: Closing bugs for 7.9
- From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
- Date: Sat, 05 Sep 2015 14:33:54 +0100
- Message-id: <1441460034.2151.33.camel@adam-barratt.org.uk>
Version: 7.9 Hi, These bugs relate to updates which were included in the 7.9 point release. Regards, Adam
--- End Message ---