Bug#928210: marked as done (CVE-2019-11471)

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Bug#928210: marked as done (CVE-2019-11471)

Debian Bug Tracking System
Your message dated Sat, 01 Jun 2019 22:18:32 +0000
with message-id <[hidden email]>
and subject line Bug#928210: fixed in libheif 1.3.2-2
has caused the Debian Bug report #928210,
regarding CVE-2019-11471
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [hidden email]
immediately.)


--
928210: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928210
Debian Bug Tracking System
Contact [hidden email] with problems

Source: libheif
Severity: grave
Tags: security

This was assigned CVE-2019-11471:
https://github.com/strukturag/libheif/issues/123

Patch:
https://github.com/strukturag/libheif/commit/995a4283d8ed2d0d2c1ceb1a577b993df2f0e014

Cheers,
        Moritz
 

Source: libheif
Source-Version: 1.3.2-2

We believe that the bug you reported is fixed in the latest version of
libheif, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [hidden email],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Reinhard Tartler <[hidden email]> (supplier of updated libheif package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [hidden email])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 01 Jun 2019 17:56:05 -0400
Source: libheif
Architecture: source
Version: 1.3.2-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Multimedia Maintainers <[hidden email]>
Changed-By: Reinhard Tartler <[hidden email]>
Closes: 928210
Changes:
 libheif (1.3.2-2) unstable; urgency=medium
 .
   * Team Upload
 .
   [ Dylan A├»ssi ]
   * Add patch to fix CVE-2019-11471, Closes: #928210
Checksums-Sha1:
 23d7393da6f4fcc4704c71ada3288ac91612bfb6 2287 libheif_1.3.2-2.dsc
 9e19dac142e9a752bc56399362acd0c16a3f1c96 5552 libheif_1.3.2-2.debian.tar.xz
Checksums-Sha256:
 bf993b095de7ee614e930c7b559eeb908bf75fce3f79fb98417c7f67105684be 2287 libheif_1.3.2-2.dsc
 2abcb6b030085b90b4c84c4ea29d160c39f2438838e73cc956f51dce56d98e71 5552 libheif_1.3.2-2.debian.tar.xz
Files:
 5f120fd1599bd9c2e5190fee0b00aba1 2287 libs optional libheif_1.3.2-2.dsc
 50593a75d412c5fd1f8e30e75bf2da45 5552 libs optional libheif_1.3.2-2.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQJIBAEBCgAyFiEE6n5rckvJ+/LRcetya3IL6cXPbZ4FAlzy9jQUHHNpcmV0YXJ0
QHRhdXdhcmUuZGUACgkQa3IL6cXPbZ6kYRAAwn7/BY+IuLppT+VbhPoZfCMZfvIt
J5EPrrk7g2aGa0PwZHMquzf7MfayQsspe65uN4n6T5rmsJDsemIbVnXwMThwJPd3
VVVWy4Jv0OdCK1+5IKLcaN38YAg5jzZmCLDAYdXjEFFJk7rlkkjh0nZh13KKPvHG
azeEFCF9IFM8KT3roC04EC50iMS88EwjmeSmYPvqA/9P/gMCGRTkdSg1KYQDVEIb
lAcChMreF7YmYHxMTZ3Lxx8YVS4h5DLGcBbeBAyqyWZzQ4kjPWsbiOg+0lR+KYyc
nDgAKSY/z9fvGEARQfOYal9m8BgcyarVxviZkU/EYWotznsQYTvgHQAcqTZxdWro
dHfgOrTtW4OtZJsGKosnXK+qzpdO30VaF7sPX9Kq0+DH4HO5LoZKvD3qA0qOT5h0
iu78iAXt2xWTtg8xTVjwW9cu4Z72RrqnZacAMq6wwDEEb8yFxldGlwI95WbEQFkP
Ow7esRgpFwzXrqZOKp03i+YRbRgCz8f36YB8i4hwpx0Of14bW/rvu0zNwPDIfwV5
VGBgCdMSmZz+t1h1Qw0Wfen1+6KDuXcumcRa6F4oWYw4fm/muWEcmjRZkdrz7wSY
84hHfoHaWcgHfamX+hY7RJCtDSp/yLsQQIl3dQmc3eKnZyq2FxIVQr5l6JUfx/VB
GHJm+MSlGTTG4k8=
=d+C5
-----END PGP SIGNATURE-----