Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

libxvmc: CVE-2016-7953

Related Vulnerabilities: CVE-2016-7953  

Source

Debian Bug report logs - #840445
libxvmc: CVE-2016-7953

version graph

Package: src:libxvmc; Maintainer for src:libxvmc is Debian X Strike Force <debian-x@lists.debian.org>;

Reported by: Salvatore Bonaccorso <carnil@debian.org>

Date: Tue, 11 Oct 2016 16:00:02 UTC

Severity: important

Tags: patch, security, upstream

Found in version libxvmc/2:1.0.8-2

Fixed in version libxvmc/2:1.0.10-1

Done: Emilio Pozuelo Monfort <pochu@debian.org>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to debian-bugs-dist@lists.debian.org, carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian X Strike Force <debian-x@lists.debian.org>:
Bug#840445; Package src:libxvmc. (Tue, 11 Oct 2016 16:00:03 GMT) (full text, mbox, link).

Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>:
New Bug report received and forwarded. Copy sent to carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian X Strike Force <debian-x@lists.debian.org>. (Tue, 11 Oct 2016 16:00:04 GMT) (full text, mbox, link).

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Salvatore Bonaccorso <carnil@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: libxvmc: CVE-2016-7953
Date: Tue, 11 Oct 2016 17:57:04 +0200
Source: libxvmc
Version: 2:1.0.8-2
Severity: important
Tags: security upstream patch

Hi,

the following vulnerability was published for libxvmc.

CVE-2016-7953[0]

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2016-7953

Regards,
Salvatore

Added tag(s) pending. Request was from Andreas Boll <andreas.boll.dev@gmail.com> to control@bugs.debian.org. (Tue, 25 Oct 2016 10:15:10 GMT) (full text, mbox, link).

Reply sent to Emilio Pozuelo Monfort <pochu@debian.org>:
You have taken responsibility. (Mon, 05 Dec 2016 19:21:14 GMT) (full text, mbox, link).

Notification sent to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer. (Mon, 05 Dec 2016 19:21:14 GMT) (full text, mbox, link).

Message #12 received at 840445-close@bugs.debian.org (full text, mbox, reply):

From: Emilio Pozuelo Monfort <pochu@debian.org>
To: 840445-close@bugs.debian.org
Subject: Bug#840445: fixed in libxvmc 2:1.0.10-1
Date: Mon, 05 Dec 2016 19:18:41 +0000
Source: libxvmc
Source-Version: 2:1.0.10-1

We believe that the bug you reported is fixed in the latest version of
libxvmc, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 840445@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Emilio Pozuelo Monfort <pochu@debian.org> (supplier of updated libxvmc package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Mon, 05 Dec 2016 19:52:24 +0100
Source: libxvmc
Binary: libxvmc1 libxvmc-dev
Architecture: source
Version: 2:1.0.10-1
Distribution: unstable
Urgency: medium
Maintainer: Debian X Strike Force <debian-x@lists.debian.org>
Changed-By: Emilio Pozuelo Monfort <pochu@debian.org>
Description:
 libxvmc-dev - X11 Video extension library (development headers)
 libxvmc1   - X11 Video extension library
Closes: 840445
Changes:
 libxvmc (2:1.0.10-1) unstable; urgency=medium
 .
   [ Andreas Boll ]
   * New upstream release.
     - Fixes CVE-2016-7953 (Closes: #840445).
   * Update d/upstream/signing-key.asc with Matthieu Herrb's key.
   * Update a bunch of URLs in packaging to https.
   * Remove Drew from Uploaders.
   * Add placeholder comment into series file.
 .
   [ Emilio Pozuelo Monfort ]
   * Bump debhelper compat to 10.
   * Switch from xsfbs to dh.
   * Drop unneeded libtool and automake build-deps, debhelper now depends
     on and calls dh-autoreconf for us.
   * Switch to -dbgsym packages.
   * Move XvMCConfig to its target directory with libxvmc1.install.
   * Bump Standards-Version to 3.9.8, no changes.
Checksums-Sha1:
 c31b3855de169f0ed33652003bd447b893c388f9 2010 libxvmc_1.0.10-1.dsc
 ebcd70da1c3a01d785df6a003c475cdaaac145ad 377367 libxvmc_1.0.10.orig.tar.gz
 1ae62491faae974d5a619be48630a90f8b5cc072 10767 libxvmc_1.0.10-1.diff.gz
Checksums-Sha256:
 bbf8ab792c940972a4f706814143a32405cba961381fbd8b21902614e6ef865d 2010 libxvmc_1.0.10-1.dsc
 d8306f71c798d10409bb181b747c2644e1d60c05773c742c12304ab5aa5c8436 377367 libxvmc_1.0.10.orig.tar.gz
 9f0c5e074f00c2f4f91f0925f50311266f2d61af6ea2003a39ce32759d8601e7 10767 libxvmc_1.0.10-1.diff.gz
Files:
 58670f6b530ea1556e952b1e4eb5121d 2010 x11 optional libxvmc_1.0.10-1.dsc
 ddb5c45bc56977acfdeec29b8118c487 377367 x11 optional libxvmc_1.0.10.orig.tar.gz
 b2bf95aa7ac42ca6f558585b9b2d3814 10767 x11 optional libxvmc_1.0.10-1.diff.gz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAlhFuLgACgkQnUbEiOQ2
gwI8Lg//TwZYTYRyNRhIzZ3hd+xfJK3uHCa/wri68vZGqCi9ja/GiC+miPa62iCf
itMc4bDHDWoTMz/+APL/y6oz3L+aMwHDStYtFvUz400r8QlymMl0YWnR+gAZnYNe
JOdi05liTsCinzZu4/6C6oYyV+4JBEILkDU367T9Qvns+QKvMcrhJall55f1uUZF
C2FkmmBg4Im3rtd8AbXQ5QoXmUmFVeEMDY6Hh4g2jIqAab1zbRr2c3eULECVbuOR
R/rBg9atta1nRvmeCmAkBHw7yrS7qZbbZbNDB1QSCRYLdjmF4M9eTWMZDxkeTdVo
DZ/+YuP2hq7/wCZ7SFAWckOplNxhUq92f0Ouajzf5AcFyTxCsjVMJjo+OMkoTWY7
OaTrl55tsHhCiZgxosJ3482yfA7d0hcsfd4+ZLkNt8XsAqMXLU7UPS0Efl0z/Soe
K3h4tr4GH4ej3+A3Mhk9k9cZWDU5QwIDjhqGG/0C8vLFGOQZikhNU8dSKkigMtwg
/7Mfy/sJdDprgMoKRXB6Cdj8gEdZVnHqMU8MGuKAxrl9U/PF82isicIdaLobjfY4
T/eTwYDUw95cwrPLlWFhKwfTfQ7VqRF/YFOesw5u1GZICFDo5LK8WOG6l6AlDX2w
5iIVuQmeDBUtJcEy+Mm3uG/6oD2r8nCfTx72mzg1hMJW5HumUnU=
=Ou+q
-----END PGP SIGNATURE-----

Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Fri, 27 Jan 2017 09:33:36 GMT) (full text, mbox, link).

Send a report that this bug log contains spam.

Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 14:19:33 2019; Machine Name: beach

Debian Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started