[SECURITY] [DLA 605-1] eog security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 605-1] eog security update
From: Balint Reczey <balint@balintreczey.hu>
Date: Mon, 29 Aug 2016 00:10:22 +0200
Message-id: <[🔎] 10abf28f-3c09-65a4-a41d-5413f270c9df@balintreczey.hu>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : eog
Version        : 3.4.2-1+build1+deb7u1
CVE ID         : CVE-2016-6855


It was discovered that Eye of GNOME incorrectly handled certain invalid
UTF-8 strings. If a user were tricked into opening a specially-crafted
image, a remote attacker could use this issue to cause Eye of GNOME to
crash, resulting in a denial of service, or possibly execute arbitrary
code.

For Debian 7 "Wheezy", these problems have been fixed in version
3.4.2-1+build1+deb7u1.

We recommend that you upgrade your eog packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJXw2FOAAoJEPZk0la0aRp9cSQP/ArTK06dS78tcIsfcWiRWMJd
49HvUS4NW8HBckflneygrBHFouyPrcqSjAf4dWy3qsD6NViTkqzNRijd3/cRkU4U
OUTdew/hTE+7zBsqHlFF+MfQRAV2bIzoWAIqPhFGCOK9YzVPQbgeGgfl/TbszvxC
MypImPLBAeXDksO8tc6ykYI36AxVF48lIK9QVBGxjcDFNjEGtk+9kqwhbB2TznZc
AI7fBAxTFI+AnVJbVPLKlkHwYd6icHFZNHxJdLy4E1ofQjNV/iUnG5bhl5VbpTgL
b8qod70ftBjZtm/ivzrLJkujDp5/jNso9LNSOACk7VWsjr4xkOCtn3OWZ2fjpuKi
/hM1M2QUkyHE6j2bdxmKi4gEthkxW9/AqkJr1zwWNx7JoNCqKqBLc/r5BS6KPTXs
BIDQVz8nKVMOsW3s8baXUOnYROyxQY4YgTBYPTFf8isANZU7aa4vN8IGUgwf7T/Z
8ftJWh7dIUit0dObHBr7LXSdSl1LycGBgTtIWQx2JlTd7FV4rrMCwylzbfrQQZwG
2QNcVh6Qt3/6sO9nImyP6ubo5If2y2+ATK7nqmtYISn9niPVXrYN8LnsCXMx/Nva
Gobr6aKNupYdW+1qmGb/n1o1wY/pj40PUuAQoBl4clpKsR1zwS/yPyATLwzIMrFq
aswMAZmUsXLb8NZkrnzH
=j4g/
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 604-1] ruby-actionpack-3.2 security update
Next by Date: [SECURITY] [DLA 602-1] gnupg security and hardening update
Previous by thread: [SECURITY] [DLA 604-1] ruby-actionpack-3.2 security update
Next by thread: [SECURITY] [DLA 602-1] gnupg security and hardening update
Index(es):
- Date
- Thread