[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 306-1] libvdpau security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : libvdpau
Version        : 0.4.1-2+deb6u1
CVE ID         : CVE-2015-5198 CVE-2015-5199 CVE-2015-5200
Debian Bug     : 797895

Florian Weimer of Red Hat Product Security discovered that libvdpau, the
VDPAU wrapper library, did not properly validate environment variables,
allowing local attackers to gain additional privileges.

For Debian 6 "Squeeze", these problems have been fixed in libvdpau
version 0.4.1-2+deb6u1. See DSA 3355-1 for information on other Debian
releases.

We recommend that you upgrade your libvdpau packages.

Learn more about the Debian Long Term Support (LTS) Project and how to
apply these updates at: https://wiki.debian.org/LTS/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJV8cuFAAoJEI7tzBuqHzL/0HkP/0VypWnpB9oKwLJVvaz0ehCF
J3YZObHCv/840j55h8lM3VtlXfFyDaIJzY1YJpWpupOhKyMCvUJqSIqNX7lnKBu9
Io7zXjTv9/lQARS+mDyRPLgKtUqtYVcJTfu5hAznO+PoLuo9ecpL879Ihg92SwZQ
h03ZrRlVgTA8UzpGcsSwaamQcMUZ+EHcVlT6GS/kSyuo2GAEeceDGsgi4Tt/AnxC
ZeZJGD9iMBkS8khIwgAKphrjSax6woQ2X0zX8Xo7R4uxDEGhc202MTaPbAcCt2Sf
BXzGHU7TMnONrFECmYvJ+asjD0QGN27aGvFuHcqIY/T7ZaCfFXPS+9nhuexbi4Hq
cOug1rPQh2L+yYfPM5MYTDTwL1Bi2ZmveJU6eHC2GNSrm5iJohQha/F51RTfvUz2
ERDOYF3gI+TBrGnM6ZNOHLa1kRpvYohQAQ3FcWU5JwN2z9sPN2Sk5F2Y2TriJjy5
C1X8LrtHL8JF5VlKYdG4SHknwqqi85t8vmJ576QVg4FkrE4+r+6GKOe6FBaXle/R
La9Z8uJpd0mfoqwERF2LwJgbZ75O5y9gmyzBmfQTjrlOMWG4lU4rPSy1Rpuhkl+s
q2VmzEInE6Exk9Dkyd55AR8/AXV2h2IhR3cdQde5vQQaiDu2qqWtlwKYc4+Pfh+h
9fNqHAFy0CoaKgnF/vko
=UMTu
-----END PGP SIGNATURE-----


Reply to: