Debian Security Advisory
DLA-257-1 libwmf -- LTS security update
- Date Reported:
- 29 Jun 2015
- Affected Packages:
- Security database references:
- In the Debian bugtracking system: Bug 784192, Bug 784205.
In Mitre's CVE dictionary: CVE-2015-4695, CVE-2015-4696.
- More information:
libwmf is vulnerable to two denial of service due to invalid read operations when processing specially crafted WMF files.
For the squeeze distribution, those issues have been fixed in libwmf 0.2.8.4-6.2+deb6u2. We recommend that you upgrade your libwmf packages.