[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 745-1] most security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : most
Version        : 5.0.0a-2.2
CVE ID         : CVE-2016-1253
Debian Bug     : 848132

The most pager can automatically open files compressed with gzip,
bzip2 and (in Debian) LZMA. Alberto Garcia discovered that Debian's
version of most was susceptible for a shell injection attack that
could be exploited to run arbitrary commands on the user's computer.

For Debian 7 "Wheezy", these problems have been fixed in version
5.0.0a-2.2.

We recommend that you upgrade your most packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlhUA0xfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7
UeSP2A//VIpE1E0DFXjq15ewQi1I51wAoJXCiB8PPI3fCq6ndmQGXmyCAuqqi9VX
B9pXjrVpvx8guC7Gv+AX4XAVAK/BO3fffLS8iivXem7hArIX+o1ltbfnHrTZ3ydo
XJn53XMuX2bGE5tuQJQU9e/BZFNb+xJ+JDKNSlrzIl9bq8CNdJuqpYJcUr4lqWM7
9EcqoVqsBl+T6NU/p1SjO7cERDHZxOXP/EMurT+kB+UvVnYL70uHTvfYms0JLD6F
NTR55270/fI8btU8UIYbD/W+AuKDKkrWCj30GG2gd/Q4n8sCehv10lNa0L6BUpM7
UGYKf0xeM+u/OWKGc9HqVxewA3jVSPbnfWqA0CPSuEr/dhVoSOOaNKnvZVJ8rMaJ
UomuZ5C7dZS2J62gvRiYQbTZMRjJXTpiAfytwAD7bhuWBJ7BZLZ4qUwnQxFtcGDr
IoQVpf6ZDmKwQaWmXBxnwysBhynUGgIBj7MZF5ES0p+KxCIeBm/EMrtEF/Bf6sxb
XGvwOWlYAjBXVnmEiY/9etKddWdECEHKOncNHrfBjnsee0iVgi34J+6K9mJufkvS
qnGvgh+QMuqtYfJr3HvzSPjUONiwkmwspgm7auY7P6aSc2OvQ9uG9p1JRkZ/iMoh
iRd/fk715NC0CmU8kzkwHcFXqqMa90zmRhrtWUJ0/qpzqfHGKVQ=
=4N2v
-----END PGP SIGNATURE-----


Reply to: