CVE-2018-20540

Debian Bug report logs - #922459
CVE-2018-20540

Reported by: Moritz Muehlenhoff <jmm@debian.org>

Date: Sat, 16 Feb 2019 12:33:01 UTC

Severity: normal

Tags: fixed-upstream, pending, security, upstream

Found in versions liblas/1.8.1-9, liblas/1.8.1-3

Fixed in version liblas/1.8.1-10

Done: Bas Couwenberg <sebastic@debian.org>

Bug is archived. No further changes may be made.

Forwarded to https://github.com/libLAS/libLAS/issues/158


Report forwarded to debian-bugs-dist@lists.debian.org, team@security.debian.org, Debian GIS Project <pkg-grass-devel@lists.alioth.debian.org>:
Bug#922459; Package src:liblas. (Sat, 16 Feb 2019 12:33:04 GMT)


Acknowledgement sent to Moritz Muehlenhoff <jmm@debian.org>:
New Bug report received and forwarded. Copy sent to team@security.debian.org, Debian GIS Project <pkg-grass-devel@lists.alioth.debian.org>. (Sat, 16 Feb 2019 12:33:04 GMT)


Message #5 received at submit@bugs.debian.org:

From: Moritz Muehlenhoff <jmm@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: CVE-2018-20540
Date: Sat, 16 Feb 2019 13:28:29 +0100
Source: liblas
Severity: normal
Tags: security

This was assigned CVE-2018-20540:
https://github.com/libLAS/libLAS/issues/158
https://github.com/libLAS/libLAS/commit/ba7346d349fb00b18d0c12e226ac3090eac25d7b

Cheers,
        Moritz
  



Information forwarded to debian-bugs-dist@lists.debian.org, Debian GIS Project <pkg-grass-devel@lists.alioth.debian.org>:
Bug#922459; Package src:liblas. (Sat, 16 Feb 2019 12:45:08 GMT)


Acknowledgement sent to Sebastiaan Couwenberg <sebastic@xs4all.nl>:
Extra info received and forwarded to list. Copy sent to Debian GIS Project <pkg-grass-devel@lists.alioth.debian.org>. (Sat, 16 Feb 2019 12:45:08 GMT)


Message #10 received at 922459@bugs.debian.org:

From: Sebastiaan Couwenberg <sebastic@xs4all.nl>
To: Moritz Muehlenhoff <jmm@debian.org>, 922459@bugs.debian.org
Subject: Re: Bug#922459: CVE-2018-20540
Date: Sat, 16 Feb 2019 13:37:03 +0100
Control: tags -1 pending

This issue is already fixed in git, but was not uploaded due to the low
severity.

Kind Regards,

Bas

-- 
 GPG Key ID: 4096R/6750F10AE88D4AF1
Fingerprint: 8182 DE41 7056 408D 6146  50D1 6750 F10A E88D 4AF1



Added tag(s) pending. Request was from Sebastiaan Couwenberg <sebastic@xs4all.nl> to 922459-submit@bugs.debian.org. (Sat, 16 Feb 2019 12:45:08 GMT)


Reply sent to Bas Couwenberg <sebastic@debian.org>:
You have taken responsibility. (Sat, 16 Feb 2019 13:39:06 GMT)


Notification sent to Moritz Muehlenhoff <jmm@debian.org>:
Bug acknowledged by developer. (Sat, 16 Feb 2019 13:39:06 GMT)


Message #17 received at 922459-close@bugs.debian.org:

From: Bas Couwenberg <sebastic@debian.org>
To: 922459-close@bugs.debian.org
Subject: Bug#922459: fixed in liblas 1.8.1-10
Date: Sat, 16 Feb 2019 13:35:11 +0000
Source: liblas
Source-Version: 1.8.1-10

We believe that the bug you reported is fixed in the latest version of
liblas, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 922459@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Bas Couwenberg <sebastic@debian.org> (supplier of updated liblas package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


Format: 1.8
Date: Sat, 16 Feb 2019 13:37:29 +0100
Source: liblas
Binary: liblas-bin liblas-bin-dbgsym liblas-c-dev liblas-c3 liblas-c3-dbgsym liblas-dev liblas3 liblas3-dbgsym python-liblas
Architecture: source amd64 all
Version: 1.8.1-10
Distribution: unstable
Urgency: medium
Maintainer: Debian GIS Project <pkg-grass-devel@lists.alioth.debian.org>
Changed-By: Bas Couwenberg <sebastic@debian.org>
Description:
 liblas-bin - ASPRS LiDAR data translation toolset
 liblas-c-dev - ASPRS LiDAR data translation library - C development files
 liblas-c3  - ASPRS LiDAR data translation library - C version
 liblas-dev - ASPRS LiDAR data translation library - C++ development files
 liblas3    - ASPRS LiDAR data translation library - C++ version
 python-liblas - Python module to use the ASPRS LiDAR data translation library
Closes: 922459
Changes:
 liblas (1.8.1-10) unstable; urgency=medium
 .
   * Add upstream patch to fix CVE-2018-20540.
     (closes: #922459)
   * Append -DNDEBUG to C{,XX}FLAGS to remove buildpath from binaries.
   * Update symbols for amd64.
   * Add lintian overrides for file-references-package-build-path.




Marked as found in versions liblas/1.8.1-3. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Sat, 16 Feb 2019 14:15:08 GMT)


Marked as found in versions liblas/1.8.1-9. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Sat, 16 Feb 2019 14:15:09 GMT)


Set Bug forwarded-to-address to 'https://github.com/libLAS/libLAS/issues/158'. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Sat, 16 Feb 2019 14:15:09 GMT)


Added tag(s) fixed-upstream, upstream, and pending. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Sat, 16 Feb 2019 14:15:10 GMT)


Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Tue, 26 Mar 2019 07:29:05 GMT)



Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 19:08:52 2019; Machine Name: buxtehude
