Bug#969008: marked as done (libx11: CVE-2020-14363)
Your message dated Sat, 19 Sep 2020 22:02:09 +0000
with message-id <E1kJkvp-000Dia-GX@fasolo.debian.org>
and subject line Bug#969008: fixed in libx11 2:1.6.7-1+deb10u1
has caused the Debian Bug report #969008,
regarding libx11: CVE-2020-14363
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)
--
969008: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969008
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: libx11: CVE-2020-14363
- From: Salvatore Bonaccorso <carnil@debian.org>
- Date: Tue, 25 Aug 2020 23:51:30 +0200
- Message-id: <159839229099.1617151.6590843316570720336.reportbug@eldamar.local>
Source: libx11
Version: 2:1.6.10-3
Severity: important
Tags: security upstream
X-Debbugs-Cc: carnil@debian.org, Debian Security Team <team@security.debian.org>
Hi,
The following vulnerability was published for libx11.
CVE-2020-14363[0]:
| Double free in libX11 locale handling code
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2020-14363
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14363
[1] https://lists.x.org/archives/xorg-announce/2020-August/003056.html
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: libx11
Source-Version: 2:1.6.7-1+deb10u1
Done: =?utf-8?q?Moritz_M=C3=BChlenhoff?= <jmm@debian.org>
We believe that the bug you reported is fixed in the latest version of
libx11, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 969008@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Moritz Mühlenhoff <jmm@debian.org> (supplier of updated libx11 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 11 Sep 2020 19:38:11 +0200
Source: libx11
Binary: libx11-6 libx11-6-dbgsym libx11-6-udeb libx11-data libx11-dev libx11-doc libx11-xcb-dev libx11-xcb1 libx11-xcb1-dbgsym
Architecture: source amd64 all
Version: 2:1.6.7-1+deb10u1
Distribution: buster
Urgency: medium
Maintainer: Debian X Strike Force <debian-x@lists.debian.org>
Changed-By: Moritz Mühlenhoff <jmm@debian.org>
Description:
libx11-6 - X11 client-side library
libx11-6-udeb - X11 client-side library (udeb)
libx11-data - X11 client-side library
libx11-dev - X11 client-side library (development headers)
libx11-doc - X11 client-side library (development documentation)
libx11-xcb-dev - Xlib/XCB interface library (development headers)
libx11-xcb1 - Xlib/XCB interface library
Closes: 969008
Changes:
libx11 (2:1.6.7-1+deb10u1) buster; urgency=medium
.
* CVE-2020-14344
* CVE-2020-14363 (Closes: #969008)
Checksums-Sha1:
a3b7895be69ea9e014836571d0f239741568cbbe 2651 libx11_1.6.7-1+deb10u1.dsc
61acfa22579d99a86e9299989cf9e16a751189dc 52461 libx11_1.6.7-1+deb10u1.diff.gz
6a7ab839299ca02d7beb55a4cf1dfb27c045cb32 3738744 libx11-6-dbgsym_1.6.7-1+deb10u1_amd64.deb
cddbcf5398b737b0aee5d4b49f6ba007f1a398c7 564940 libx11-6-udeb_1.6.7-1+deb10u1_amd64.udeb
96d92f96a16ff4870aa24ff05c4bf97dd5e57d4b 756536 libx11-6_1.6.7-1+deb10u1_amd64.deb
6d8bbed424be23a767a7bdea3fa57aa5a3a5376a 294212 libx11-data_1.6.7-1+deb10u1_all.deb
fc668ba340e8fdd7cb1001579488a3f8c4773673 823720 libx11-dev_1.6.7-1+deb10u1_amd64.deb
14f179ccce66cead88567e32ebb154387eba3a24 2211480 libx11-doc_1.6.7-1+deb10u1_all.deb
c42adeaaf0fba095e056cc26902e36af58605cc1 192268 libx11-xcb-dev_1.6.7-1+deb10u1_amd64.deb
f6889f73620e3a1a1b448ccf7e30e51fccddab24 17112 libx11-xcb1-dbgsym_1.6.7-1+deb10u1_amd64.deb
f543d57841dd6833f7c828daba754ab36cd78084 190088 libx11-xcb1_1.6.7-1+deb10u1_amd64.deb
70d3f92a0078ab2b72bb4eb0a85b8b8d41f41e02 8514 libx11_1.6.7-1+deb10u1_amd64.buildinfo
Checksums-Sha256:
32165ead57fed813168f87bd43d5dd387c2a27bba4c77bd8e8075cee90f90fce 2651 libx11_1.6.7-1+deb10u1.dsc
ea3a943ea781136b3d5320010039e42039b0e58d5aeeca2d2b7a0593f9ce04ef 52461 libx11_1.6.7-1+deb10u1.diff.gz
7740de8cb31c4796536a2299a2cebe6b699eff04bfcec17a11f7b6759f747f51 3738744 libx11-6-dbgsym_1.6.7-1+deb10u1_amd64.deb
9d5073a04f3e1650f917a70c22a779a04c32e03b3cc4157d3e1d6a879ea833fd 564940 libx11-6-udeb_1.6.7-1+deb10u1_amd64.udeb
f9d62eaa734828d4282fe4c17613c1a688af4cccbe2819eb691b3aaf615e882f 756536 libx11-6_1.6.7-1+deb10u1_amd64.deb
02f795889390fa0e1f29c6ecdd4a30cd0aae39c0c6b1379410055404b0897c66 294212 libx11-data_1.6.7-1+deb10u1_all.deb
3c4f6db885b695aba4a3eea8e89a6fa7954574f470fe3f53d2e46380d64351f1 823720 libx11-dev_1.6.7-1+deb10u1_amd64.deb
874d39a6fa287fe49dda0b7eb9c486a3e94b15543add5f5a105460c58fbebe2e 2211480 libx11-doc_1.6.7-1+deb10u1_all.deb
5b60f6b1b84497d44386a2d1f5d963b00d3ae51bb3bfadfddb91842e753b0719 192268 libx11-xcb-dev_1.6.7-1+deb10u1_amd64.deb
99886fb5b3711da960a19004417348fb2b7ffcc613e01da51849c5ce5d186d39 17112 libx11-xcb1-dbgsym_1.6.7-1+deb10u1_amd64.deb
240c1b0351c6fcec4de05026499dfd97a13ae90c718b03c49ab439bba2bd618f 190088 libx11-xcb1_1.6.7-1+deb10u1_amd64.deb
324bd7ba81cead4798e600d48a66eab8136ae2bdf455e89ff21581be35a688be 8514 libx11_1.6.7-1+deb10u1_amd64.buildinfo
Files:
f4f65f9427b49e81d5a8fd4c641d865f 2651 x11 optional libx11_1.6.7-1+deb10u1.dsc
467ae6b78a3b6af86d0318e52f01ea7f 52461 x11 optional libx11_1.6.7-1+deb10u1.diff.gz
46fc78739186a2d1baa1b1dd23978a5f 3738744 debug optional libx11-6-dbgsym_1.6.7-1+deb10u1_amd64.deb
dc01a9ff5ffde147142ec4400e48ab90 564940 debian-installer optional libx11-6-udeb_1.6.7-1+deb10u1_amd64.udeb
c35ba57b947d2ded54091edf948374f5 756536 libs optional libx11-6_1.6.7-1+deb10u1_amd64.deb
69d2d71341cfa8346ae9df085e3f408e 294212 x11 optional libx11-data_1.6.7-1+deb10u1_all.deb
7663605e8b749245979c5ee2f6265341 823720 libdevel optional libx11-dev_1.6.7-1+deb10u1_amd64.deb
e7258c6a97ca18d064922915838be38b 2211480 doc optional libx11-doc_1.6.7-1+deb10u1_all.deb
83d921b6bd5eab1db0829c9abfcc2bd9 192268 libdevel optional libx11-xcb-dev_1.6.7-1+deb10u1_amd64.deb
c5a5684ec321b0b4ca741673f0df1214 17112 debug optional libx11-xcb1-dbgsym_1.6.7-1+deb10u1_amd64.deb
439fc66eb9095de9d942b18f8dbd2961 190088 libs optional libx11-xcb1_1.6.7-1+deb10u1_amd64.deb
ca6109a0938ba438fec83a93dc058aeb 8514 x11 optional libx11_1.6.7-1+deb10u1_amd64.buildinfo
Package-Type: udeb
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl9k8cYACgkQEMKTtsN8
Tja9YA//cSSuIk/SoqQHawG30Gx+Lkhka3ULOP2iMRUifD8lSlsfoBPpW6oKRAna
P/+/H/FehT28PByfV/zjR54sVtTtOnIwY7nHM9O8evaH/3MIkgb2eyQOgU7rH1ps
LqM1CPZ26h3QJqrUItUzc5tsiIS6bQC2y7vKJUs/bSU/6jKSf3e9J2RMulSXFK0Y
k1jfw4IxdxFKfaviDQkOrIIMzCq1Yze2KdqAWGK4GutqW9tZyWn+rlUNYNKjDRe3
ZNpHrcXmUcmYev4EbQtdT/DlGj87sXnaf0M1RLGZhmKH2QpFdq7Y8e0pue2IUcoH
VmAtff35bc6AKaVjBA2Pu0t5uszQI7HvAuI3xY/Ot+/q6Z774LmkL+u3Mlj/le3h
KS98FBdxA7Ro+Qg9UHTxfaaD/P7Jttr3O7O8Mdv4FruEpxivisnXFpELyCJf7Fc8
8/v2L1NYR8i/NsvJ3kevWyz4pXlHfzTLI6GvoCknhRfAb7lDiUVYMLqbZAlOEi6H
XFOE+rMGyBJZ8K/4N6eI3m2s7GmwRSABlOejO9xOv//8urNUjfs66eObgmcmwScu
vtzJo5WyeNH4vhAyl2oVQ6yrvOPteocpmsLpw8S6d7zCBhYQdu89lK5RAaI42wZq
5vbjIx9Q9x5M8iZ5dKdg7Lf22TRhsDGpdvz5QurTQGz1RmNWOv0=
=fnhG
-----END PGP SIGNATURE-----
--- End Message ---
Reply to: