Package : libwmf Version : 0.2.8.4-6.2+deb6u2 CVE ID : CVE-2015-4695 CVE-2015-4696 Debian Bug : 784192 784205 libwmf is vulnerable to two denial of service due to invalid read operations when processing specially crafted WMF files. CVE-2015-4695 Heap buffer overread in libwmf CVE-2015-4696 Read after free() in wmf2gd/wmf2eps For the squeeze distribution, those issues have been fixed in libwmf 0.2.8.4-6.2+deb6u2. We recommend that you upgrade your libwmf packages. -- Raphaël Hertzog ◈ Debian Developer Support Debian LTS: http://www.freexian.com/services/debian-lts.html Learn to master Debian: http://debian-handbook.info/get/
Attachment:
signature.asc
Description: Digital signature