Debian Long Term Support / LTS Security Information / 2016 / Security Information -- DLA-621-1 autotrace

Debian Security Advisory

DLA-621-1 autotrace -- LTS security update

Date Reported:

15 Sep 2016

Affected Packages:

autotrace

Vulnerable:

Yes

Security database references:

In Mitre's CVE dictionary: CVE-2016-7392.

More information:

Autotrace is a program for converting bitmaps to vector graphics. It had a bug that caused an out-of-bounds write. This was caused by not allocating sufficient memory to store the terminating NULL pointer in an array.

For Debian 7 Wheezy, this problem have been fixed in version 0.31.1-16+deb7u1.

We recommend that you upgrade your autotrace packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS