Debian Security Advisory

DLA-513-1 nspr -- LTS security update

Date Reported:
12 Jun 2016
Affected Packages:
Security database references:
In Mitre's CVE dictionary: CVE-2016-1951.
More information:

It was discovered that there was a buffer overflow in a sprintf utility within nspr, the NetScape Portable Runtime library.

For Debian 7 Wheezy, this issue has been fixed in nspr version 2:4.9.2-1+deb7u4.

We recommend that you upgrade your nspr packages.