[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 332-1] optipng security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : optipng
Version        : 0.6.4-1+deb6u11
CVE ID         : CVE-2015-7801

Gustavo Grieco discovered a use-after-free causing an invalid/double
free in optipng 0.6.4.

For Debian 6 Squeeze, this issue has been fixed in optipng version
0.6.4-1+deb6u11.


Regards,

- - --
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJWKTciAAoJEB6VPifUMR5YKhIP/jE5sfJZbATpWsEKYNwGKrBt
v9gAhNYO7SFRAMA+olDk3wFA3v2SuFx/bHBJFDGbm+ac5l8QnNQnhTbVhfEMIjq6
GCmy6hpcWs3te0hq61GKDZX+Gt+BckFN21MWWWAr70jz1XINepDnkPOmwPyTqb6U
V/GUXMqULjceLww1NL+ouWKcHdBq1+SVGuOlZ6OWrz11MjItvZYSoQ+DSJX5JY27
ElMQ6IN7RUhfyJCt2oudT8o+1N7MwK66EDnVNb36saYVUTdHc5gAthMDb5g0ijjG
sy0wNXgFHPr04ZINmhD47sqtQ92PUNU2qi8z+S4WTO/qQ7drdDLkU3dG768m/Kzy
J69/ovwxlB8B0JizO9vAxwX7+cpNPlks4KVhJ/A3img3YQKfxzGT7jFqLq+I/qzf
86+wKz7uYBQMNdfB5c7n30giJKdW+sorLWlpeuIBkywkgwdrmF816nsfNl/8DI7H
ytjGTKHRr/oyTTuxLXfqmCUX1VtQXHWwCw127cT1k6xiOPYoK6rVqoM7ug4XBjlY
u25nsaTfY8q22wiIF08qQtYDN3ygZYYAIF1gwdcxODxv5vDS7R5NEuDwAHQgJWch
zufcoVu3rcWXGlN/ZG14g8k5XXsJB5Zj5TpM9hW9TvXpr7bsIhqPQQTp2Nk5qMeR
ryZVdZSBFS6BGSI9ys1N
=YAd1
-----END PGP SIGNATURE-----


Reply to: