[SECURITY] [DLA 105-1] graphviz security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 105-1] graphviz security update
From: Thorsten Alteholz <debian@alteholz.de>
Date: Thu, 11 Dec 2014 22:33:48 +0100 (CET)
Message-id: <[🔎] alpine.DEB.2.02.1412112232390.4091@jupiter.server.alteholz.net>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : graphviz
Version        : 2.26.3-5+squeeze3
CVE ID         : CVE-2014-9157
Debian Bug     : 772648

Joshua Rogers discovered a format string vulnerability in the yyerror
function in lib/cgraph/scan.l in Graphviz, a rich set of graph drawing
tools. An attacker could use this flaw to cause graphviz to crash or
possibly execute arbitrary code.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQJ8BAEBCgBmBQJUig28XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5
NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHROkQAMa7gpyICCIfNR0vNv1bbVfe
tDIeZdRRiCuqU/d9N+leAI5CE0wFoSl+n9d5FNAIaaV3Y7c4Z8YrDkhR6LNxT8Ek
nRZtePYUJn697S7pqG6MJVpz+HDjgXHF7BdZmR2ylvtIxH6l/yJM+6GcdSPPXHLj
Yx+kVEU10tUJoOs2ykejhX4R/gQiapmL39+eG6BWYZFIPH4wvim+CJIY4tbeD26W
tRKtzlxnPlAc1wMjB6L04ZE1hyx0F3oJdVRfpXuSWWM1ps08nXRoQFjHKj9fifSN
qjNtPKFQaHtJc+Zo+T3+aQJS+J1v5Dxj+6E6cBe3k6Wb1JSedY2PeBK6/j2saqOU
XgZRFMa+mSz4vV6AB3FBvITMmVmR4tAT+Wn3UsLCBNLL1wIIoNmK3wn42mY4LFf7
qXUkmIZYwdcGKmVrOUGxqZWYrueuZIgAjXJC87zE/bfkZ7PVFDQikq3GarEFM/d0
k5myLuZewVrEA0H4kc8UKDQTzmxLoUnw6elLTVbBjNm2SoI9kndHftBAQTdBpmd5
eWX69AgietZVDsx87jqpra1S+e88w/Ze8jAVbsCKz+vrLtICxSaIvDGsb5xQXdjh
+0YRTesbWBueY5KscxxuWiyRdt/JnSrvP9mVlxx3ZXaT0XUoo6ETkFDtyfWuCPjM
S/tY/2Dn6wvN8YmXWBRU
=Jnav
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 104-1] pdns-recursor security update
Next by Date: [SECURITY] [DLA 106-1] getmail4 security update
Previous by thread: [SECURITY] [DLA 104-1] pdns-recursor security update
Next by thread: [SECURITY] [DLA 106-1] getmail4 security update
Index(es):
- Date
- Thread