[SECURITY] [DLA 228-1] exactimage security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Package : exactimage
Version : 0.8.1-3+deb6u4
CVE ID : CVE-2015-3885
Debian Bug : 786785
A vulnerability has been discovered in the ExactImage image manipulation
programs.
CVE-2015-3885
Eduardo Castellanos discovered an Integer overflow in the dcraw version
included in ExactImage. This vulnerability allows remote attackers to
cause a denial of service (crash) via a crafted image.
For the oldoldstable distribution (squeeze), these problems have been fixed in
version 0.8.1-3+deb6u4.
For the oldstable, stable, and testing distributions, these problems will be
fixed soon.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBCgAGBQJVZsArAAoJEF2HCgfBJntGdEoQAJSNb97kVZk5Pc1r3iNabHIj
48UIE80juFIhN6nLMjY6SSJv+Oncqw4HVC5aJ29Cg6XhGhI4xEyGZ0Q59KgfQOnL
8VWTyL95DeRqUHH0h0VNDkn7b5qkKDy9hhKJimA/wHMD7x8u1Fy+TwKBsanLvsvm
OpDOtmHbPHgaEqO/bNQ2UXi3oRxqLyaV8ceVy+4JDxjVrDFCRtnPFjCpkSv2rwzL
x8u30bJ16uUrQCM1Ic+2o/OTC48GZrQ8lOOGVBclmuKhEAW6EvI1+nzxXtJzK2mD
zYw3RhxcsM1q6y+bj9ha17UvWNTTlj8SFQgbMfltIQikg8OIHxVlM8hofRor/eLa
zE38wDzyLQgD6E6Cn2NrxxcrEyDyAl3irxxOTp5h2QNAQu4b6pkuAae+lsoex55o
hu2lfsjcLMKtgz1LHIN4mGr127tnIc+Mlek1SvPUi1sNZ/KfEnPbpswsgIloEuiJ
o8ELALAhI0X8e+j0h+ijUIzr1TdNaG8Utyn+bB9EJGJAA7ys/MpcQ0XZv6PA+7eG
8vZTxq6O2rrOPM2UqZASd8mrKwVb6HYuwE8BFbDXNxEQwe7ynmxePS4uxCx1YmiQ
/g1+5UrnsiRe+fYilkCdwSuEbj5HNkj8cCCz2wKSXm2i7er97VZucpUt2t4sEffO
r/JKMyshEoGJcYGk68hI
=Aowi
-----END PGP SIGNATURE-----
Reply to: