[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 241-1] libraw security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : libraw
Version        : 0.9.1-1+deb6u1
CVE ID         : CVE-2015-3885
Debian Bug     : 786788

CVE-2015-3885:
 Integer overflow in the ljpeg_start function in dcraw 7.00 and earlier
 allows remote attackers to cause a denial of service (crash) via a
 crafted image, which triggers a buffer overflow, related to the len
 variable.

We recommend that you upgrade your libraw packages.

- -- 
Matteo F. Vescovi || Debian Developer
GnuPG KeyID: 4096R/0x8062398983B2CF7A
-----BEGIN PGP SIGNATURE-----
Comment: Debian powered!

iQJ8BAEBCgBmBQJVeCkbXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRGM0REMDlGOERBODdEMURGNTA0NkM5OUIw
NjEyRjQ5NDRFQ0RDRDVBAAoJEAYS9JROzc1aUEAP/REiK4pGmbCKbx5EEiwnw6O2
0fWPRvxQNKfLonJ+iRFnFB32YRkoF2JKY/yY9FvnEDVnIC5EEIw8oYQFBvg0P73a
T064WddqxXcb+qzT7Rf/rTgAs7nq6nlKau+84tv/xjvA+nb9vL9EsfNgkYWc1CCh
nZLif+yQwZXqOI/85/7NNO7Ygx9IXNVu1LcFS8o+/6LP3NzyJuoTlGm58F284y5K
ZImsSlQEqH/aOuUuWR44ZfA9v7jcLr4//p0zS+6yGjwLEsm0dEaGBmioWSfnxUda
SCOlCkwJ6i7bD8CrnQ5zIkS2ygtne9vDoG2vNk79Pqd8XLocQHzWksc9ZNkuxpBT
N+/wykHzwXq7YNhaFLa+p3DO/qyuAxi1vpnbFo+CkjH5YYx+KjpMFcOmuOWetjLx
SP4iyKW/ANt5bEm8POCBDM+eJSiXA3yGAo/nrDqgJ9iv98+wKDAupVauCJgolJIG
AcxD2JSD35rRKNc/elqLXPDhNYS2lMhvTN+Nbkue5klYBQZ84x4jcWKBW/GpKkXy
+NpT5jixskTvurEBsSmsLiBoi22pyGWq+AvOutjWVS7BIo8nk3/p1RSpuAYeuncN
w6LxPT6cwR6TE4rVv8R//q3NovocFbGa3cu9RtkmXvdaI96nugxTh0f90lGmYI7q
p3en5PVdgciQVwev39Zt
=hpAm
-----END PGP SIGNATURE-----


Reply to: