Package : libraw Version : 0.9.1-1+deb6u1 CVE ID : CVE-2015-3885 Debian Bug : 786788 [This DLA supersedes my wrong announcement using DLA 241-1] CVE-2015-3885: Integer overflow in the ljpeg_start function in dcraw 7.00 and earlier allows remote attackers to cause a denial of service (crash) via a crafted image, which triggers a buffer overflow, related to the len variable. We recommend that you upgrade your libraw packages. -- Matteo F. Vescovi || Debian Developer GnuPG KeyID: 4096R/0x8062398983B2CF7A
Attachment:
signature.asc
Description: Digital signature