Debian Bug report logs -
#683371
CVE-2012-4024 CVE-2012-4025
Reported by: Moritz Muehlenhoff <muehlenhoff@univention.de>
Date: Tue, 31 Jul 2012 08:15:01 UTC
Severity: normal
Tags: security
Fixed in version 1:4.2+20121212-1
Done: Moritz Muehlenhoff <jmm@inutil.org>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, team@security.debian.org, Daniel Baumann <daniel.baumann@progress-technologies.net>:
Bug#683371; Package squashfs-tools.
(Tue, 31 Jul 2012 08:15:03 GMT) (full text, mbox, link).
Acknowledgement sent
to Moritz Muehlenhoff <muehlenhoff@univention.de>:
New Bug report received and forwarded. Copy sent to team@security.debian.org, Daniel Baumann <daniel.baumann@progress-technologies.net>.
(Tue, 31 Jul 2012 08:15:03 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Package: squashfs-tools
Severity: grave
Tags: security
Please see here for CVE-2012-402[45] :
http://sourceforge.net/mailarchive/forum.php?thread_name=CAAoG81HL9oP8roPLLhftTSXTzSD%2BZcR66PRkVU%3Df76W3Mjde_w%40mail.gmail.com&forum_name=squashfs-devel
Cheers,
Moritz
Severity set to 'normal' from 'grave'
Request was from Daniel Baumann <daniel.baumann@progress-technologies.net>
to control@bugs.debian.org.
(Tue, 14 Aug 2012 18:09:04 GMT) (full text, mbox, link).
Information forwarded
to debian-bugs-dist@lists.debian.org, Daniel Baumann <daniel.baumann@progress-technologies.net>:
Bug#683371; Package squashfs-tools.
(Tue, 14 Aug 2012 18:15:03 GMT) (full text, mbox, link).
Acknowledgement sent
to daniel.baumann@progress-technologies.net:
Extra info received and forwarded to list. Copy sent to Daniel Baumann <daniel.baumann@progress-technologies.net>.
(Tue, 14 Aug 2012 18:15:03 GMT) (full text, mbox, link).
Message #12 received at 683371@bugs.debian.org (full text, mbox, reply):
severity 683371 normal
thanks
according to upstrean and the description of the actual bugs, this
doesn't warrant serious severity.
--
Address: Daniel Baumann, Donnerbuehlweg 3, CH-3012 Bern
Email: daniel.baumann@progress-technologies.net
Internet: http://people.progress-technologies.net/~daniel.baumann/
Reply sent
to Moritz Muehlenhoff <jmm@inutil.org>:
You have taken responsibility.
(Thu, 28 Feb 2013 20:24:12 GMT) (full text, mbox, link).
Notification sent
to Moritz Muehlenhoff <muehlenhoff@univention.de>:
Bug acknowledged by developer.
(Thu, 28 Feb 2013 20:24:12 GMT) (full text, mbox, link).
Message #17 received at 683371-done@bugs.debian.org (full text, mbox, reply):
Version: 1:4.2+20121212-1
On Tue, Aug 14, 2012 at 08:14:16PM +0200, Daniel Baumann wrote:
> severity 683371 normal
> thanks
>
> according to upstrean and the description of the actual bugs, this
> doesn't warrant serious severity.
Fixed in the snapshot currently in unstable.
Cheers,
Moritz
Information forwarded
to debian-bugs-dist@lists.debian.org, Daniel Baumann <daniel.baumann@progress-technologies.net>:
Bug#683371; Package squashfs-tools.
(Fri, 01 Mar 2013 12:18:04 GMT) (full text, mbox, link).
Acknowledgement sent
to Jonathan Wiltshire <jmw@debian.org>:
Extra info received and forwarded to list. Copy sent to Daniel Baumann <daniel.baumann@progress-technologies.net>.
(Fri, 01 Mar 2013 12:18:04 GMT) (full text, mbox, link).
Message #22 received at 683371@bugs.debian.org (full text, mbox, reply):
Package: squashfs-tools
Dear maintainer,
Recently you fixed one or more security problems and as a result you closed
this bug. These problems were not serious enough for a Debian Security
Advisory, so they are now on my radar for fixing in the following suites
through point releases:
squeeze (6.0.7) - use target "stable"
Please prepare a minimal-changes upload targetting each of these suites,
and submit a debdiff to the Release Team [0] for consideration. They will
offer additional guidance or instruct you to upload your package.
I will happily assist you at any stage if the patch is straightforward and
you need help. Please keep me in CC at all times so I can
track [1] the progress of this request.
For details of this process and the rationale, please see the original
announcement [2] and my blog post [3].
0: debian-release@lists.debian.org
1: http://prsc.debian.net/tracker/683371/
2: <201101232332.11736.thijs@debian.org>
3: http://deb.li/prsc
Thanks,
with his security hat on:
--
Jonathan Wiltshire jmw@debian.org
Debian Developer http://people.debian.org/~jmw
4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Sun, 01 Jun 2014 07:36:39 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Jun 19 15:32:43 2019;
Machine Name:
buxtehude
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.
Vulmon