[SECURITY] [DLA 133-1] unrtf security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 133-1] unrtf security update
From: Thorsten Alteholz <debian@alteholz.de>
Date: Wed, 14 Jan 2015 20:11:47 +0100 (CET)
Message-id: <[🔎] alpine.DEB.2.02.1501142006220.30917@jupiter.server.alteholz.net>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : unrtf
Version        : 0.19.3-1.1+deb6u1
CVE ID         : CVE-2014-9274 CVE-2014-9275
Debian Bug     : 772811

CVE-2014-9274:

   check that accesses to color table stay within bounds
   Patches taken from upstream commits:
      - CVE-2014-9274: b0cef89a170a66bc48f8dd288ce562ea8ca91f7a

CVE-2014-9275:

   various crashes
 .    - CVE-2014-9275: 1df886f2e65f7c512a6217588ae8d94d4bcbc63d
                       3c7ff3f888de0f0d957fe67b6bd4bec9c0d475f3
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQJ8BAEBCgBmBQJUtr9zXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5
NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHgFoQAKDFjbdVNkGpk1sIvZlxhkwx
+G1HgPq4ibpRebgdyg7Ohbl65mBXLUSAbpCmnpb8OR7xqvRqn+i8Wmncsc7YPiD4
v9waoHN72OyCQkRXts+IAxen3AJhiq5a/EiYfHk/pqXaxjDoHjXqJ7jNDTbUvr3o
Rtd7A5J6DWK/LwYt8kIw92M/NClLl1oVRxUc/nu/8ZdPpkPeyhBYihSgOv5A1y6w
ABm+XugHOB/vXz5kmhPpvOhjkCOltTByjBDp2Tz0iLUlG4xPj8PAEJZjo4ulUNbV
K5a7h/BMaAYj40tLR1v3aX5ksHx+mYVy5a7iuXl+/WIkphkNOx8W5KZIZ6ySKumD
xr25eXuavxI3xBo9Vwf0fuewkAScl0c+8vv6m1QMkwhEB2DDCgwKWd0of7U/ucUM
9e2e7v1lvCYIRTj6Vrwkt0ywadYG7PEYh9qfmf6QBrrWfQTSZR3JQ4OQJGtB+lzk
nVqsHbW/G02waXEsw66Yp21DhFVbz5ZvjVKkznTdf2MCHXgEVzrw5UjwYnPrZLSS
AU/5xJGlNDG229h1QFT5uzr6jI9Wx5TTb2QlVgcNCsHYDdof/+9oPABwyRWh0iSI
SVrk/kTSLlPE/5Cad612vW8DtzGxKFNcC9zAjscHMnmBX2LSMkcwrV9fvztzqQ6+
QCmqciahO/gPYxEIU6jZ
=VCBV
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 132-1] openssl security update
Next by Date: [SECURITY] [DLA 134-1] curl security update
Previous by thread: [SECURITY] [DLA 132-1] openssl security update
Next by thread: [SECURITY] [DLA 134-1] curl security update
Index(es):
- Date
- Thread