Debian Security Advisory

DLA-32-1 nspr -- LTS security update

Date Reported:
07 Aug 2014
Affected Packages:
Security database references:
In Mitre's CVE dictionary: CVE-2014-1545.
More information:

Abhiskek Arya discovered an out of bounds write in the cvt_t() function of the NetScape Portable Runtime Library which could result in the execution of arbitrary code.

For Debian 6 Squeeze, these issues have been fixed in nspr version 4.8.6-1+squeeze2