[SECURITY] [DLA 671-1] libxvmc security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 671-1] libxvmc security update
From: Thorsten Alteholz <debian@alteholz.de>
Date: Wed, 19 Oct 2016 22:26:22 +0200 (CEST)
Message-id: <[🔎] alpine.DEB.2.02.1610192225560.18264@jupiter.server.alteholz.net>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : libxvmc
Version        : 2:1.0.7-1+deb7u3
CVE ID         : CVE-2016-7953


CVE-2016-7953
     If an empty string is received from an x-server, do not underrun
     the buffer by accessing "rep.nameLen - 1" unconditionally, which
     could end up being -1.


For Debian 7 "Wheezy", these problems have been fixed in version
2:1.0.7-1+deb7u3.

We recommend that you upgrade your libxvmc packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQJ8BAEBCgBmBQJYB9buXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5
NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHWYkQAIFkqDNJ+0zXFQCYHGKTrWBB
Az0mQDOdIqDdpAOp/DQI6a9akQ2Yop9KX4Pl363JpgmtsaeVesvBd1fPWglUQyow
g3eDhC8/aZkLmRB4UQyokbNWW0c+rrvRAOxHuvG+3EdCb448LAQoUl5wUlp3tXrD
tRqHE1JXAPHoYIIzt+YxxYvqRm8DKe5Ch6WOjTShDWGx9Ev2a8PpH8dfNABYTRVJ
ewmLysMgkHT+u35HFd4gtT9dc8M8kawnFTJK0KqsB1YEk4jVGdKkfBXlKzPXVvCz
v6KL4p8YWIHJmUeVXwhdtN+FwC4GuV8ZioqxNQOYeNJo5gjzmUgdqafisU1PV1SV
ZoXFZ04eRxEbCjAOlELc3N5GFPz8mLmA9SD6tmv2v9EYXsXIlGdXTNjyIrvH0YaM
oa4XHlONViG6nQsne5+LCwqWkeLHlcfo6NpFQKL+1Z0R1m5Woi6rEHBb/rQSLW6g
G2E1B/WVXa41ylP/5hsWY5+VTtiDYe1MgGO+qXPTYAnpQmjX+KtdAeLPSKIsC9FF
mxka92o2SJnJT+69lzl8fqGbm7B/2ocoC5fMIR+BQbcFr1XhoaJYJV8hoMwiDivG
s0NXVI6uzhy1Ox1tog+A0OBdMnM9d4CoKV2zsaWTIyTZYoe+xlEAVqiU1miGJ0pE
DjzCA8jEfkVr6Q/dwUkc
=TQl+
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 669-1] dwarfutils security update
Next by Date: [SECURITY] [DLA 670-1] linux security update
Previous by thread: [SECURITY] [DLA 669-1] dwarfutils security update
Next by thread: [SECURITY] [DLA 670-1] linux security update
Index(es):
- Date
- Thread