[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 686-1] libxtst security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : libxtst
Version        : 2:1.2.1-1+deb7u2
CVE ID         : CVE-2016-7951 CVE-2016-7952
Debian Bug     : 840444

Tobias Stoeckmann from the OpenBSD project discovered the following
vulnerability in libXtst, the X Record extension:

   Insufficient validation of data from the X server
   can cause out of boundary memory access or
   endless loops (Denial of Service).

For Debian 7 "Wheezy", these problems have been fixed in version
2:1.2.1-1+deb7u2.

We recommend that you upgrade your libxtst packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCAAGBQJYET7oAAoJEJ1GxIjkNoMCAAkP/3t/fr7a9on+oQm2jkeOu/i8
kIaJC2iDoWF2/YliCuZF3K4z8Y6BALw8t68D8pXGTA2d72Hxk4E6d0qbkVqEPab2
zhX7BwaiApbxDZdkJfeX7aUML0mtmhg8/zpGsZEySEEw2yjylHr+ZThLY5ermG+s
fn7BnvSMpkqGVsWtx1vlEAaTnQHngRqSjNyferdmWxSDVVd1JgKNcicW3q4szb/a
suBs5EOwbbNEqV9QEDB8iDHHye/9eob6MJbbSNQamUKSEpdM7hSTYbg2jQqRJlOo
2DbdrPKYbl9rb8miFVfH7avDaePOiYW96Fb+G+n2xxILdm6mv87yh1aFQFdag0oh
OPYgGw37d2zYUA9hRJqTiG3mwevEGV4FEENIC+3ZA2//xGi8yd/bQip5PB8Ahz6v
gEPuK6FWXRwTE85xbh67StllIhjlh/NLfwNpU4j2ExIFuXGeF4JJQF5xJDV1iktY
MAE0B5FBlVmq5/4TNvRHiki9noMVTrGx0T5eAMDdVpB31nZ91jzXV5hNRTq4xkdg
ljeIoQT/zFqjqr4MzeC4BgKev81rNnF1GZr6cOgaNkz+so7prVa/KLhSV5jDzcWE
AYjkMhMxQ4iTcM8yUh7zFw3JApwPr1AEjgDkbQFsXw0FdD/ugoE2iTHx6w6klM8y
QNgNhtyiukq/Uwy7fOxZ
=tGZ/
-----END PGP SIGNATURE-----


Reply to: