Debian Bug report logs - #540146
CVE-2009-2660: Multiple integer overflows


Package: camlimages; Maintainer for camlimages is Debian OCaml Maintainers <debian-ocaml-maint@lists.debian.org>;

Reported by: Giuseppe Iuculano <giuseppe@iuculano.it>

Date: Thu, 6 Aug 2009 07:18:02 UTC

Severity: grave

Tags: patch, security

Fixed in versions camlimages/1:3.0.1-3, camlimages/1:2.2.0-4+lenny2, camlimages/2.20-8+etch2

Done: Steffen Joeris <white@debian.org>

Bug is archived. No further changes may be made.



Report forwarded to debian-bugs-dist@lists.debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian OCaml Maintainers <debian-ocaml-maint@lists.debian.org>:
Bug#540146; Package camlimages. (Thu, 06 Aug 2009 07:18:04 GMT) Full text and rfc822 format available.

Acknowledgement sent to Giuseppe Iuculano <giuseppe@iuculano.it>:
New Bug report received and forwarded. Copy sent to team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian OCaml Maintainers <debian-ocaml-maint@lists.debian.org>. (Thu, 06 Aug 2009 07:18:04 GMT) Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Giuseppe Iuculano <giuseppe@iuculano.it>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: CVE-2009-2660: Multiple integer overflows
Date: Thu, 06 Aug 2009 09:11:01 +0200
Package: camlimages
Severity: grave
Tags: security


Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for camlimages.

CVE-2009-2660[0]:
| Multiple integer overflows in CamlImages 2.2 might allow
| context-dependent attackers to execute arbitrary code via images
| containing large width and height values that trigger a heap-based
| buffer overflow, related to (1) crafted GIF files (gifread.c) and (2)
| crafted JPEG files (jpegread.c), a different vulnerability than
| CVE-2009-2295.

If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.

For further information see:

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2660
    http://security-tracker.debian.net/tracker/CVE-2009-2660

Cheers,
Giuseppe.

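The overflow class the CVE text describes, as an added editor's example (not code from camlimages or from the Debian patch): the product a 32-bit multiply yields for bogus width and height values, beside a guarded size computation that applies the same INT_MAX test as the fix's oversized() macro, generalised to three factors. The function names and the sample dimensions are the example's own.

```c
/* Added example (not from camlimages or the Debian patch): a guarded
 * width*height*components size computation beside the wrapping product
 * that CVE-2009-2660 describes. All names here are the example's own. */
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Same test as the patch's oversized() macro: reject a negative factor or a
 * product that would exceed INT_MAX. y != 0 guards the division. */
static bool oversized_pair(long x, long y)
{
    return x < 0 || y < 0 || (y != 0 && x > INT_MAX / y);
}

/* Byte count for a width x height image with `components` bytes per pixel.
 * Each intermediate product is checked before it is formed, so the value
 * written to *out is exact and never a wrapped size. Returns false (and
 * leaves *out untouched) when the header values cannot be trusted. */
static bool image_bytes(long width, long height, long components, size_t *out)
{
    if (oversized_pair(width, components))
        return false;
    long row_stride = width * components;      /* <= INT_MAX, checked above */
    if (oversized_pair(row_stride, height))
        return false;
    *out = (size_t)(row_stride * height);      /* <= INT_MAX, checked above */
    return true;
}

/* What an unchecked 32-bit multiply yields. Done in unsigned arithmetic so
 * the wrap-around is well defined and can be demonstrated; the library's
 * signed int arithmetic would be undefined behaviour at the same point. */
static unsigned int naive_image_bytes(unsigned int width, unsigned int height,
                                      unsigned int components)
{
    return width * height * components;
}

int main(void)
{
    /* Constructed header values: a plausible image, and a bogus one whose
     * width and height are each 65536, so width*height is exactly 2^32. */
    const long dims[][3] = { { 640, 480, 3 }, { 65536, 65536, 1 } };
    for (size_t i = 0; i < sizeof dims / sizeof dims[0]; i++) {
        size_t n;
        unsigned int naive = naive_image_bytes((unsigned int)dims[i][0],
                                               (unsigned int)dims[i][1],
                                               (unsigned int)dims[i][2]);
        if (image_bytes(dims[i][0], dims[i][1], dims[i][2], &n))
            printf("%ldx%ldx%ld: allocate %zu bytes (naive %u)\n",
                   dims[i][0], dims[i][1], dims[i][2], n, naive);
        else
            printf("%ldx%ldx%ld: rejected as oversized (naive product %u)\n",
                   dims[i][0], dims[i][1], dims[i][2], naive);
    }
    return 0;
}
```

For the 65536 x 65536 case the unchecked product is 0, which is the kind of undersized allocation the CVE text refers to; the guarded path rejects it before any allocation.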




Information forwarded to debian-bugs-dist@lists.debian.org, Debian OCaml Maintainers <debian-ocaml-maint@lists.debian.org>:
Bug#540146; Package camlimages. (Sat, 08 Aug 2009 08:03:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Steffen Joeris <steffen.joeris@skolelinux.de>:
Extra info received and forwarded to list. Copy sent to Debian OCaml Maintainers <debian-ocaml-maint@lists.debian.org>. (Sat, 08 Aug 2009 08:03:03 GMT) Full text and rfc822 format available.

Message #10 received at 540146@bugs.debian.org (full text, mbox):

From: Steffen Joeris <steffen.joeris@skolelinux.de>
To: 540146@bugs.debian.org
Subject: gentoo's patch and debdiff
Date: Sat, 8 Aug 2009 17:59:04 +1000
Hi

I'd suggest going with Gentoo's approach of using a separate oversized.h file.
Any objections? I've tried building this, but the debdiff between the -dev 
binary packages was quite huge, so I am not uploading anything.

Cheers
Steffen

[0]: https://bugs.gentoo.org/attachment.cgi?id=199108&action=view
[debdiff (text/x-patch, attachment)]

Added tag(s) patch. Request was from Steffen Joeris <white@debian.org> to control@bugs.debian.org. (Sat, 08 Aug 2009 08:03:04 GMT) Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Debian OCaml Maintainers <debian-ocaml-maint@lists.debian.org>:
Bug#540146; Package camlimages. (Sat, 08 Aug 2009 08:30:06 GMT) Full text and rfc822 format available.

Acknowledgement sent to Sylvain Le Gall <gildor@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian OCaml Maintainers <debian-ocaml-maint@lists.debian.org>. (Sat, 08 Aug 2009 08:30:06 GMT) Full text and rfc822 format available.

Message #17 received at 540146@bugs.debian.org (full text, mbox):

From: Sylvain Le Gall <gildor@debian.org>
To: Steffen Joeris <steffen.joeris@skolelinux.de>, 540146@bugs.debian.org
Subject: Re: Bug#540146: gentoo's patch and debdiff
Date: Sat, 8 Aug 2009 10:26:38 +0200
Hello,

I fixed this bug yesterday in the git repository. Please contact me before
working on it next time (I am not yet on VAC). I appreciate your work
but I am sorry it is a duplicate (and not using the same approach, since
I split the patch).

Thanks anyway.

Regards
Sylvain Le Gall

On Sat, Aug 08, 2009 at 05:59:04PM +1000, Steffen Joeris wrote:
> Hi
> 
> I'd suggest going with Gentoo's approach of using a separate oversized.h file.
> Any objections? I've tried building this, but the debdiff between the -dev 
> binary packages was quite huge, so I am not uploading anything.
> 
> Cheers
> Steffen
> 
> [0]: https://bugs.gentoo.org/attachment.cgi?id=199108&action=view

> diff -u camlimages-3.0.1/debian/changelog camlimages-3.0.1/debian/changelog
> --- camlimages-3.0.1/debian/changelog
> +++ camlimages-3.0.1/debian/changelog
> @@ -1,3 +1,12 @@
> +camlimages (1:3.0.1-2.1) unstable; urgency=high
> +
> +  * Non-maintainer upload by the security team
> +  * Expand security patch for integer overflows to also cover other
> +    image types (Closes: #540146)
> +    Fixes: CVE-2009-2660
> +
> + -- Steffen Joeris <white@debian.org>  Sat, 08 Aug 2009 07:05:38 +0000
> +
>  camlimages (1:3.0.1-2) unstable; urgency=low
>  
>    [ Mehdi Dogguy ]
> diff -u camlimages-3.0.1/debian/patches/fix_integer_overflows.dpatch camlimages-3.0.1/debian/patches/fix_integer_overflows.dpatch
> --- camlimages-3.0.1/debian/patches/fix_integer_overflows.dpatch
> +++ camlimages-3.0.1/debian/patches/fix_integer_overflows.dpatch
> @@ -8,82 +8,155 @@
> -diff -urNad camlimages~/src/pngread.c camlimages/src/pngread.c
> ---- camlimages~/src/pngread.c	2009-06-23 11:22:20.000000000 +0200
> -+++ camlimages/src/pngread.c	2009-07-03 17:51:31.000000000 +0200
> -@@ -15,6 +15,8 @@
> - #include "config.h"
> - #endif
> - 
> -+#include <limits.h>
> +Index: src/gifread.c
> +===================================================================
> +--- src/gifread.c.orig
> ++++ camlimages-3.0.1/src/gifread.c
> +@@ -20,6 +20,8 @@
> + #include <caml/memory.h>
> + #include <caml/fail.h>
> + 
> ++#include "oversized.h"
> ++
> + #include <stdio.h>
> + #include <string.h>
> + 
> +@@ -191,6 +193,9 @@ value dGifGetLine( value hdl )
> + 
> +   GifFileType *GifFile = (GifFileType*) hdl;
> + 
> ++  if( oversized( GifFile->Image.Width, sizeof(GifPixelType) ) ){
> ++    failwith_oversized("gif");
> ++  }
> +   buf = alloc_string( GifFile->Image.Width * sizeof(GifPixelType) ); 
> + 
> +   if( DGifGetLine(GifFile, String_val(buf), GifFile->Image.Width ) 
> +Index: src/jpegread.c
> +===================================================================
> +--- src/jpegread.c.orig
> ++++ camlimages-3.0.1/src/jpegread.c
> +@@ -20,6 +20,8 @@
> + #include <caml/memory.h>
> + #include <caml/fail.h>
> + 
> ++#include "oversized.h"
> ++
> + #include <stdio.h>
> + #include <string.h>
> + 
> +@@ -156,6 +158,12 @@ read_JPEG_file (value name)
> +    */ 
> +   /* JSAMPLEs per row in output buffer */
> + 
> ++  if( oversized(cinfo.output_width, cinfo.output_components) ){
> ++    jpeg_destroy_decompress(&cinfo);
> ++    fclose(infile);
> ++    failwith_oversized("jpeg");
> ++  }
> ++
> +   row_stride = cinfo.output_width * cinfo.output_components;
> + 
> +   /* Make a one-row-high sample array that will go away when done with image */
> +@@ -177,6 +185,12 @@ read_JPEG_file (value name)
> +     jpeg_read_scanlines(&cinfo, buffer + cinfo.output_scanline, 1); 
> +   }
> + 
> ++  if( oversized(row_stride, cinfo.output_height) ){
> ++    jpeg_destroy_decompress(&cinfo);
> ++    fclose(infile);
> ++    failwith_oversized("jpeg");
> ++  }
>  +
> - #include <png.h>
> - 
> - #include <caml/mlvalues.h>
> -@@ -26,6 +28,12 @@
> - #define PNG_TAG_INDEX16 2
> - #define PNG_TAG_INDEX4 3
> - 
> +   {
> +     CAMLlocalN(r,3);
> +     r[0] = Val_int(cinfo.output_width);
> +@@ -352,6 +366,7 @@ value open_jpeg_file_for_read_start( jpe
> + 
> +   { 
> +     CAMLlocalN(r,3);
> ++    // CR jfuruse: integer overflow
> +     r[0] = Val_int(cinfop->output_width);
> +     r[1] = Val_int(cinfop->output_height);
> +     r[2] = alloc_tuple(3);
> +Index: src/oversized.h
> +===================================================================
> +--- /dev/null
> ++++ camlimages-3.0.1/src/oversized.h
> +@@ -0,0 +1,9 @@
> ++#include <limits.h>
>  +/* Test if x or y are negative, or if multiplying x * y would cause an
>  + * arithmetic overflow.
>  + */
>  +#define oversized(x, y)						\
>  +  ((x) < 0 || (y) < 0 || ((y) != 0 && (x) > INT_MAX / (y)))
>  +
> - value read_png_file_as_rgb24( name )
> -      value name;
> - {
> -@@ -81,6 +89,9 @@
> ++#define failwith_oversized(lib) \
> ++  failwith("#lib error: image contains oversized or bogus width and height");
> +Index: src/pngread.c
> +===================================================================
> +--- src/pngread.c.orig
> ++++ camlimages-3.0.1/src/pngread.c
> +@@ -17,6 +17,8 @@
> + 
> + #include <png.h>
> + 
> ++#include "oversized.h"
> ++
> + #include <caml/mlvalues.h>
> + #include <caml/alloc.h>
> + #include <caml/memory.h>
> +@@ -81,6 +83,9 @@ value read_png_file_as_rgb24( name )
>     png_get_IHDR(png_ptr, info_ptr, &width, &height, &bit_depth, &color_type,
>   	       &interlace_type, NULL, NULL);
>   
>  +  if (oversized (width, height))
> -+    failwith ("png error: image contains oversized or bogus width and height");
> ++    failwith_oversized("png");
>  +
>     if ( color_type == PNG_COLOR_TYPE_GRAY ||
>          color_type == PNG_COLOR_TYPE_GRAY_ALPHA ) { 
>       png_set_gray_to_rgb(png_ptr); 
> -@@ -102,10 +113,16 @@
> +@@ -102,10 +107,16 @@ value read_png_file_as_rgb24( name )
>   
>     rowbytes = png_get_rowbytes(png_ptr, info_ptr);
>   
>  +  if (oversized (rowbytes, height))
> -+    failwith ("png error: image contains oversized or bogus rowbytes and height");
> ++    failwith_oversized("png");
>  +
>     {
>       int i;
>       png_bytep *row_pointers;
>   
>  +    if (oversized (sizeof (png_bytep), height))
> -+      failwith ("png error: image contains oversized or bogus height");
> ++      failwith_oversized("png");
>  +
>       row_pointers = (png_bytep*) stat_alloc(sizeof(png_bytep) * height);
>   
>       res = alloc_tuple(3);
> -@@ -235,6 +252,9 @@
> +@@ -235,6 +246,9 @@ value read_png_file( name )
>     png_get_IHDR(png_ptr, info_ptr, &width, &height, &bit_depth, &color_type,
>   	       &interlace_type, NULL, NULL);
>   
>  +  if (oversized (width, height))
> -+    failwith ("png error: image contains oversized or bogus width and height");
> ++    failwith_oversized("png");
>  +
>     if ( color_type == PNG_COLOR_TYPE_GRAY ||
>          color_type == PNG_COLOR_TYPE_GRAY_ALPHA ) { 
>       png_set_gray_to_rgb(png_ptr); 
> -@@ -251,6 +271,9 @@
> +@@ -251,6 +265,9 @@ value read_png_file( name )
>   
>     rowbytes = png_get_rowbytes(png_ptr, info_ptr);
>   
>  +  if (oversized (rowbytes, height))
> -+    failwith ("png error: image contains oversized or bogus rowbytes and height");
> ++    failwith_oversized("png");
>  +
>   /*
>   fprintf(stderr, "pngread.c: actual loading\n"); fflush(stderr);
>   */
> -@@ -259,6 +282,9 @@
> +@@ -259,6 +276,9 @@ fprintf(stderr, "pngread.c: actual loadi
>       png_bytep *row_pointers;
>       char mesg[256];
>    
>  +    if (oversized (sizeof (png_bytep), height))
> -+      failwith ("png error: image contains oversized or bogus height");
> ++      failwith_oversized("png");
>  +
>       row_pointers = (png_bytep*)stat_alloc(sizeof(png_bytep) * height);
>       res = alloc_tuple(3);
>   
> +
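Review bot: the `failwith_oversized(lib)` macro added in src/oversized.h does not stringify its argument: in `failwith("#lib error: image contains oversized or bogus width and height");` the `#` sits inside a string literal, where it is an ordinary character rather than the stringizing operator, so every caller reports the literal text "#lib error: ..." instead of "gif error", "jpeg error" or "png error". Use adjacent-literal concatenation, `failwith(#lib " error: image contains oversized or bogus width and height")`, and drop the trailing semicolon from the macro body so that `if (...) failwith_oversized("png");` does not expand to a doubled `;;` (harmless as written, but it breaks a brace-less `if`/`else`). Two further points in the same hunk: in jpegread.c the second guard, `oversized(row_stride, cinfo.output_height)`, is placed after the `jpeg_read_scanlines` loop, so if the buffer that loop fills is sized from row_stride times output_height the check needs to move in front of that allocation; and the `open_jpeg_file_for_read_start` hunk only adds the comment `// CR jfuruse: integer overflow` next to `Val_int(cinfop->output_width)` with no check (and `//` comments are not C89), so that read path stays unguarded. Finally, the gifread.c and pngread.c call sites pass `sizeof(...)` and `png_uint_32` values into `oversized()`, where `(y) < 0` is always false and `INT_MAX / (y)` becomes an unsigned comparison; the result is still correct because a negative `x` is caught by the first clause, but expect -Wsign-compare warnings, and a cast to a signed type in the macro would make the intent explicit.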




Reply sent to Sylvain Le Gall <gildor@debian.org>:
You have taken responsibility. (Sat, 08 Aug 2009 10:31:16 GMT) Full text and rfc822 format available.

Notification sent to Giuseppe Iuculano <giuseppe@iuculano.it>:
Bug acknowledged by developer. (Sat, 08 Aug 2009 10:31:16 GMT) Full text and rfc822 format available.

Message #22 received at 540146-close@bugs.debian.org (full text, mbox):

From: Sylvain Le Gall <gildor@debian.org>
To: 540146-close@bugs.debian.org
Subject: Bug#540146: fixed in camlimages 1:3.0.1-3
Date: Sat, 08 Aug 2009 09:32:31 +0000
Source: camlimages
Source-Version: 1:3.0.1-3

We believe that the bug you reported is fixed in the latest version of
camlimages, which is due to be installed in the Debian FTP archive:

camlimages_3.0.1-3.diff.gz
  to pool/main/c/camlimages/camlimages_3.0.1-3.diff.gz
camlimages_3.0.1-3.dsc
  to pool/main/c/camlimages/camlimages_3.0.1-3.dsc
libcamlimages-ocaml-dev_3.0.1-3_amd64.deb
  to pool/main/c/camlimages/libcamlimages-ocaml-dev_3.0.1-3_amd64.deb
libcamlimages-ocaml-doc_3.0.1-3_all.deb
  to pool/main/c/camlimages/libcamlimages-ocaml-doc_3.0.1-3_all.deb
libcamlimages-ocaml_3.0.1-3_amd64.deb
  to pool/main/c/camlimages/libcamlimages-ocaml_3.0.1-3_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 540146@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Sylvain Le Gall <gildor@debian.org> (supplier of updated camlimages package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)



Format: 1.8
Date: Fri, 07 Aug 2009 23:56:55 +0200
Source: camlimages
Binary: libcamlimages-ocaml libcamlimages-ocaml-dev libcamlimages-ocaml-doc
Architecture: source all amd64
Version: 1:3.0.1-3
Distribution: unstable
Urgency: low
Maintainer: Debian OCaml Maintainers <debian-ocaml-maint@lists.debian.org>
Changed-By: Sylvain Le Gall <gildor@debian.org>
Description: 
 libcamlimages-ocaml - OCaml image processing library
 libcamlimages-ocaml-dev - OCaml image processing library
 libcamlimages-ocaml-doc - OCaml CamlImages library documentation
Closes: 540146
Changes: 
 camlimages (1:3.0.1-3) unstable; urgency=low
 .
   * Add a patch fix_more_integer_overflows to fix security issues,
    (Closes: 540146)
    Fixes: CVE-2009-2660






Reply sent to Steffen Joeris <white@debian.org>:
You have taken responsibility. (Tue, 11 Aug 2009 02:33:03 GMT) Full text and rfc822 format available.

Notification sent to Giuseppe Iuculano <giuseppe@iuculano.it>:
Bug acknowledged by developer. (Tue, 11 Aug 2009 02:33:03 GMT) Full text and rfc822 format available.

Message #27 received at 540146-close@bugs.debian.org (full text, mbox):

From: Steffen Joeris <white@debian.org>
To: 540146-close@bugs.debian.org
Subject: Bug#540146: fixed in camlimages 1:2.2.0-4+lenny2
Date: Tue, 11 Aug 2009 01:57:39 +0000
Source: camlimages
Source-Version: 1:2.2.0-4+lenny2

We believe that the bug you reported is fixed in the latest version of
camlimages, which is due to be installed in the Debian FTP archive:

camlimages_2.2.0-4+lenny2.diff.gz
  to pool/main/c/camlimages/camlimages_2.2.0-4+lenny2.diff.gz
camlimages_2.2.0-4+lenny2.dsc
  to pool/main/c/camlimages/camlimages_2.2.0-4+lenny2.dsc
libcamlimages-ocaml-dev_2.2.0-4+lenny2_i386.deb
  to pool/main/c/camlimages/libcamlimages-ocaml-dev_2.2.0-4+lenny2_i386.deb
libcamlimages-ocaml-doc_2.2.0-4+lenny2_all.deb
  to pool/main/c/camlimages/libcamlimages-ocaml-doc_2.2.0-4+lenny2_all.deb
libcamlimages-ocaml_2.2.0-4+lenny2_i386.deb
  to pool/main/c/camlimages/libcamlimages-ocaml_2.2.0-4+lenny2_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 540146@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Steffen Joeris <white@debian.org> (supplier of updated camlimages package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)



Format: 1.8
Date: Sat, 08 Aug 2009 09:38:11 +0200
Source: camlimages
Binary: libcamlimages-ocaml libcamlimages-ocaml-dev libcamlimages-ocaml-doc
Architecture: source all i386
Version: 1:2.2.0-4+lenny2
Distribution: stable-security
Urgency: high
Maintainer: Debian OCaml Maintainers <debian-ocaml-maint@lists.debian.org>
Changed-By: Steffen Joeris <white@debian.org>
Description: 
 libcamlimages-ocaml - OCaml image processing library
 libcamlimages-ocaml-dev - OCaml image processing library
 libcamlimages-ocaml-doc - OCaml CamlImages library documentation
Closes: 540146
Changes: 
 camlimages (1:2.2.0-4+lenny2) stable-security; urgency=high
 .
   * Non-maintainer upload by the security team
   * Expand patch to also cover integer overflows in jpegread.c and
     gifread.c (Closes: #540146)
     Fixes: CVE-2009-2660






Reply sent to Steffen Joeris <white@debian.org>:
You have taken responsibility. (Sun, 30 Aug 2009 14:30:18 GMT) Full text and rfc822 format available.

Notification sent to Giuseppe Iuculano <giuseppe@iuculano.it>:
Bug acknowledged by developer. (Sun, 30 Aug 2009 14:30:19 GMT) Full text and rfc822 format available.

Message #32 received at 540146-close@bugs.debian.org (full text, mbox):

From: Steffen Joeris <white@debian.org>
To: 540146-close@bugs.debian.org
Subject: Bug#540146: fixed in camlimages 2.20-8+etch2
Date: Sun, 30 Aug 2009 14:01:58 +0000
Source: camlimages
Source-Version: 2.20-8+etch2

We believe that the bug you reported is fixed in the latest version of
camlimages, which is due to be installed in the Debian FTP archive:

camlimages_2.20-8+etch2.diff.gz
  to pool/main/c/camlimages/camlimages_2.20-8+etch2.diff.gz
camlimages_2.20-8+etch2.dsc
  to pool/main/c/camlimages/camlimages_2.20-8+etch2.dsc
libcamlimages-ocaml-dev_2.20-8+etch2_i386.deb
  to pool/main/c/camlimages/libcamlimages-ocaml-dev_2.20-8+etch2_i386.deb
libcamlimages-ocaml-doc_2.20-8+etch2_all.deb
  to pool/main/c/camlimages/libcamlimages-ocaml-doc_2.20-8+etch2_all.deb
libcamlimages-ocaml_2.20-8+etch2_i386.deb
  to pool/main/c/camlimages/libcamlimages-ocaml_2.20-8+etch2_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 540146@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Steffen Joeris <white@debian.org> (supplier of updated camlimages package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)



Format: 1.7
Date: Sat, 08 Aug 2009 09:54:48 +0200
Source: camlimages
Binary: libcamlimages-ocaml libcamlimages-ocaml-doc libcamlimages-ocaml-dev
Architecture: source i386 all
Version: 2.20-8+etch2
Distribution: oldstable-security
Urgency: high
Maintainer: Debian OCaml Maintainers <debian-ocaml-maint@lists.debian.org>
Changed-By: Steffen Joeris <white@debian.org>
Description: 
 libcamlimages-ocaml - OCaml image processing library
 libcamlimages-ocaml-dev - OCaml image processing library
 libcamlimages-ocaml-doc - OCaml CamlImages library documentation
Closes: 540146
Changes: 
 camlimages (2.20-8+etch2) oldstable-security; urgency=high
 .
   * Non-maintainer upload by the security team
   * Expand patch to also cover integer overflows in jpegread.c and
     gifread.c (Closes: #540146)
     Fixes: CVE-2009-2660






Reply sent to Steffen Joeris <white@debian.org>:
You have taken responsibility. (Fri, 04 Sep 2009 19:09:20 GMT) Full text and rfc822 format available.

Notification sent to Giuseppe Iuculano <giuseppe@iuculano.it>:
Bug acknowledged by developer. (Fri, 04 Sep 2009 19:09:21 GMT) Full text and rfc822 format available.

Message #37 received at 540146-close@bugs.debian.org (full text, mbox):

From: Steffen Joeris <white@debian.org>
To: 540146-close@bugs.debian.org
Subject: Bug#540146: fixed in camlimages 1:2.2.0-4+lenny2
Date: Fri, 04 Sep 2009 18:31:46 +0000
Source: camlimages
Source-Version: 1:2.2.0-4+lenny2

We believe that the bug you reported is fixed in the latest version of
camlimages, which is due to be installed in the Debian FTP archive:

camlimages_2.2.0-4+lenny2.diff.gz
  to pool/main/c/camlimages/camlimages_2.2.0-4+lenny2.diff.gz
camlimages_2.2.0-4+lenny2.dsc
  to pool/main/c/camlimages/camlimages_2.2.0-4+lenny2.dsc
libcamlimages-ocaml-dev_2.2.0-4+lenny2_i386.deb
  to pool/main/c/camlimages/libcamlimages-ocaml-dev_2.2.0-4+lenny2_i386.deb
libcamlimages-ocaml-doc_2.2.0-4+lenny2_all.deb
  to pool/main/c/camlimages/libcamlimages-ocaml-doc_2.2.0-4+lenny2_all.deb
libcamlimages-ocaml_2.2.0-4+lenny2_i386.deb
  to pool/main/c/camlimages/libcamlimages-ocaml_2.2.0-4+lenny2_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 540146@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Steffen Joeris <white@debian.org> (supplier of updated camlimages package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)







Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sat, 03 Oct 2009 07:39:11 GMT) Full text and rfc822 format available.



Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Thu Apr 24 20:56:09 2014; Machine Name: beach.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.