[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 164-1] unace security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : unace
Version        : 1.2b-7+deb6u1
CVE ID         : CVE-2015-2063
Debian Bug     : 775003

Jakub Wilk discovered that unace, an utility to extract, test and view
.ace archives, contained an integer overflow leading to a buffer
overflow. If a user or automated system were tricked into processing a
specially crafted ace archive, an attacker could cause a denial of
service (application crash) or, possibly, execute arbitrary code.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQJ8BAEBCgBmBQJU9gabXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5
NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHSeMP+gLb5d54HhxNHs7mzcvYSm3I
EdSrIAde2Bp8vbrBiUP5bIFT5SaihTyL0amAqudlC9wBpwaOewItUO6QxFCuQElK
Q1FyK15x1bIoM3ap+kX7z4LlnlizKgJ/aQhF1TMWmxYS6R/bu/D8fRy2XZ6w8LEy
ZwVorOs2pudXkLMuEGVdw8l7MEKWQkjzNNiO8+sh6ci1lhCOldDt8cJ3PJ60wvN8
JWgI1somzOnivfYlPLYEy6eKFjS5NsJ0CMuWT/bzANKT7mEBJzazCB1HekeYqUyY
ad8dKikq7Xh/hbsP4yDC9jFHVfY0uoV0lHy1wffbLfRPOoOJ+zFj0nr+Qh+2EKeZ
f4S0UVvMdXnEYmrtb/V4UfR9YV272LwObjWjIWCxsWY2WBK9v4djZOkBMv4iP5/s
/iVLmiwA4G0YrxKRAAPaupyg1eu4ziRdluFCdNLH1qU/xPxs44KSedqDNcz5FFu5
6EbL1ZJ3wWg5eGpxpehjqb+IRTD7JwIN7N26FF+c+/RTQsDEkrOVzjwOgF7nKF/T
+4LBC1Aiz1Pl97kFAFyoDjfrOYgRz5k/9UkmbzPY5nOz3oe0vhm5o1zXcYEMm+fz
ksrMFtcDYoxQ56lN6oNh+vVjRubX9scGjOxFw2SDJS43UAiWar2MySBdKHF/zwPR
JWV6y0Lc2WQ43TOpJDR0
=UTGN
-----END PGP SIGNATURE-----


Reply to: