Your message dated Sat, 14 Jan 2017 12:37:03 +0000 with message-id <1484397423.1091.25.camel@adam-barratt.org.uk> and subject line Closing requests included in today's point release has caused the Debian Bug report #845263, regarding jessie-pu: package w3m/0.5.3-19+deb8u1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 845263: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845263 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: submit@bugs.debian.org
- Subject: jessie-pu: package w3m/0.5.3-19+deb8u1
- From: Tatsuya Kinoshita <tats@debian.org>
- Date: Tue, 22 Nov 2016 06:40:21 +0900 (JST)
- Message-id: <20161122.064021.1345348727498360543.tats%nobody@tats.iris.ne.jp>
Package: release.debian.org Severity: normal Tags: jessie User: release.debian.org@packages.debian.org Usertags: pu Hi, the release team, I'd like to update package w3m in jessie to fix multiple security flaws, CVE ID assigned issues and similar issues, managed as no DSA. cf. https://security-tracker.debian.org/tracker/source-package/w3m http://www.openwall.com/lists/oss-security/2016/11/18/3 See this changelog and the attached debdiff. w3m (0.5.3-19+deb8u1) jessie; urgency=medium * New patch 901_ucsmap.patch to fix array index (closes: #820162) * New patch 902_johab1.patch to fix array index (closes: #820373) * New patch 903_input-type.patch to fix null deref [CVE-2016-9430] * New patch 904_form-update.patch to fix overflow [CVE-2016-9423] [CVE-2016-9431] * New patch 905_textarea.patch to fix heap write [CVE-2016-9424] * New patch 906_form-update.patch to fix bcopy size [CVE-2016-9432] * New patch 907_iso2022.patch to fix array index [CVE-2016-9433] * New patch 908_forms.patch to fix null deref [CVE-2016-9434] * New patch 909_button-type.patch to fix rodata write [CVE-2016-9437] * New patch 910_input-alt.patch to fix null deref [CVE-2016-9438] * New patch 911_rowcolspan.patch to fix stack smashing [CVE-2016-9422] * New patch 912_i-dd.patch to fix uninit values [CVE-2016-9435] [CVE-2016-9436] * New patch 913_tabwidth.patch to fix heap corruption [CVE-2016-9426] * New patch 914_curline.patch to fix near-null deref [CVE-2016-9440] * New patch 915_table-alt.patch to fix near-null deref [CVE-2016-9441] * New patch 916_anchor.patch to fix heap write [CVE-2016-9425] [CVE-2016-9428] * New patch 917_strgrow.patch to fix potential heap buffer corruption [CVE-2016-9442] * New patch 918_form-value.patch to fix null deref [CVE-2016-9443] * New patch 919_form-update.patch to fix buffer overflow [CVE-2016-9429] * New patch 920_table.patch to fix stack overflow [CVE-2016-9439] (closes: #844726) * New patch 921_cotable.patch to fix null deref * New patch 922_lineproc.patch to fix null deref * New patch 923_tagproc.patch to fix negative size allocation * New patch 924_curline.patch to fix near-null deref * New patch 925_lineproc.patch to fix stack overflow * New patch 926_indent-level.patch to fix stack overflow * New patch 927_symbol.patch to fix array index * New patch 928_form-id.patch to fix null deref * New patch 929_anchor.patch to fix null deref * New patch 930_tbl-mode.patch to fix null deref * New patch 931_parse-url.patch to fix global-buffer-overflow * New patch 932_ucsmap.patch to fix global-buffer-overflow -- Tatsuya Kinoshita <tats@debian.org> Tue, 22 Nov 2016 00:34:52 +0900 Please let me know if I can upload it. Thanks, -- Tatsuya KinoshitaAttachment: w3m.debdiff
Description: Binary dataAttachment: pgpUpdonR6GFt.pgp
Description: PGP signature
--- End Message ---
--- Begin Message ---
- To: 823517-done@bugs.debian.org, 829606-done@bugs.debian.org, 836795-done@bugs.debian.org, 836823-done@bugs.debian.org, 837105-done@bugs.debian.org, 837428-done@bugs.debian.org, 837558-done@bugs.debian.org, 837575-done@bugs.debian.org, 837607-done@bugs.debian.org, 838396-done@bugs.debian.org, 838780-done@bugs.debian.org, 838869-done@bugs.debian.org, 838882-done@bugs.debian.org, 839242-done@bugs.debian.org, 839531-done@bugs.debian.org, 839656-done@bugs.debian.org, 839731-done@bugs.debian.org, 839814-done@bugs.debian.org, 839907-done@bugs.debian.org, 839927-done@bugs.debian.org, 840127-done@bugs.debian.org, 840188-done@bugs.debian.org, 840191-done@bugs.debian.org, 840350-done@bugs.debian.org, 840378-done@bugs.debian.org, 840379-done@bugs.debian.org, 840942-done@bugs.debian.org, 841462-done@bugs.debian.org, 841681-done@bugs.debian.org, 841767-done@bugs.debian.org, 841979-done@bugs.debian.org, 842013-done@bugs.debian.org, 842509-done@bugs.debian.org, 842938-done@bugs.debian.org, 843171-done@bugs.debian.org, 843268-done@bugs.debian.org, 843411-done@bugs.debian.org, 843426-done@bugs.debian.org, 843508-done@bugs.debian.org, 843775-done@bugs.debian.org, 843999-done@bugs.debian.org, 844150-done@bugs.debian.org, 844161-done@bugs.debian.org, 844746-done@bugs.debian.org, 845156-done@bugs.debian.org, 845263-done@bugs.debian.org, 845387-done@bugs.debian.org, 845443-done@bugs.debian.org, 845474-done@bugs.debian.org, 845564-done@bugs.debian.org, 845570-done@bugs.debian.org, 846017-done@bugs.debian.org, 846031-done@bugs.debian.org, 846352-done@bugs.debian.org, 846948-done@bugs.debian.org, 847273-done@bugs.debian.org, 847921-done@bugs.debian.org, 848341-done@bugs.debian.org, 848610-done@bugs.debian.org, 848829-done@bugs.debian.org, 848908-done@bugs.debian.org, 848926-done@bugs.debian.org, 848942-done@bugs.debian.org, 849004-done@bugs.debian.org, 849020-done@bugs.debian.org, 849175-done@bugs.debian.org, 849438-done@bugs.debian.org, 849467-done@bugs.debian.org, 849538-done@bugs.debian.org, 849698-done@bugs.debian.org, 849725-done@bugs.debian.org, 849865-done@bugs.debian.org, 849869-done@bugs.debian.org, 849962-done@bugs.debian.org, 849967-done@bugs.debian.org, 850084-done@bugs.debian.org, 850154-done@bugs.debian.org, 850214-done@bugs.debian.org, 850539-done@bugs.debian.org, 850542-done@bugs.debian.org, 850563-done@bugs.debian.org, 850566-done@bugs.debian.org, 850567-done@bugs.debian.org, 838109-done@bugs.debian.org, 849488-done@bugs.debian.org
- Subject: Closing requests included in today's point release
- From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
- Date: Sat, 14 Jan 2017 12:37:03 +0000
- Message-id: <1484397423.1091.25.camel@adam-barratt.org.uk>Version: 8.7 Hi, Each of these bugs refers to an update that was included in today's 8.7 point release. Regards, Adam
--- End Message ---