Bug#979724: buster-pu: package libmaxminddb/1.3.2-1+deb10u1

To: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Cc: 979724@bugs.debian.org
Subject: Bug#979724: buster-pu: package libmaxminddb/1.3.2-1+deb10u1
From: Faidon Liambotis <paravoid@debian.org>
Date: Sun, 17 Jan 2021 20:54:29 +0200
Message-id: <[🔎] 20210117185428.GA335457@tty.gr>
Reply-to: Faidon Liambotis <paravoid@debian.org>, 979724@bugs.debian.org
In-reply-to: <[🔎] 657118fa2fd59172a407547031a5a6fecffba89a.camel@adam-barratt.org.uk>
References: <[🔎] 20210110193947.GA31416@tty.gr> <[🔎] 657118fa2fd59172a407547031a5a6fecffba89a.camel@adam-barratt.org.uk> <[🔎] 20210110193947.GA31416@tty.gr>

On Sat, Jan 16, 2021 at 06:00:00PM +0000, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
> 
> On Sun, 2021-01-10 at 21:39 +0200, Faidon Liambotis wrote:
> > This is an buster proposed update to fix CVE-2020-28241:
> > > libmaxminddb before 1.4.3 has a heap-based buffer over-read in
> > > dump_entry_data_list in maxminddb.c.
> > 
> > The security team has marked the CVE as "<no-dsa> (Minor issue)", and
> > filed #973878 against the package.
> > 
> 
> Please go ahead.

Thanks!

This is now uploaded and ACCEPTed into proposed-updates->stable-new.

Best,
Faidon

P.S. Not sure if I'm supposed to mark this bug done myself?

Reply to:

Follow-Ups:
- Bug#979724: buster-pu: package libmaxminddb/1.3.2-1+deb10u1
  - From: Salvatore Bonaccorso <carnil@debian.org>

References:
- Bug#979724: buster-pu: package libmaxminddb/1.3.2-1+deb10u1
  - From: Faidon Liambotis <paravoid@debian.org>
- Bug#979724: buster-pu: package libmaxminddb/1.3.2-1+deb10u1
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>

Prev by Date: Bug#979072: RM: pepperflashplugin-nonfree -- RoQA; No longer work; upstream eol
Next by Date: Bug#968894: marked as done (release.debian.org: binNMUs requests for libxcrypt "transition")
Previous by thread: Bug#979724: buster-pu: package libmaxminddb/1.3.2-1+deb10u1
Next by thread: Bug#979724: buster-pu: package libmaxminddb/1.3.2-1+deb10u1
Index(es):
- Date
- Thread