[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 766-1] libcrypto++ security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : libcrypto++
Version        : 5.6.1-6+deb7u3
CVE ID         : CVE-2016-9939
Debian Bug     : 848009

Gergely Gábor Nagy from Tresorit discovered that libcrypto++, a C++
cryptographic library, contained a bug in several ASN.1 parsing
routines. This would allow an attacker to remotely cause a denial of
service.

For Debian 7 "Wheezy", these problems have been fixed in version
5.6.1-6+deb7u3.

We recommend that you upgrade your libcrypto++ packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlhiwZJfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7
UeTZQg/9H9EAewYMt8rWRb9GEo7YlThWGBTPik1IYef7ZkJ7XXxLe0Sy1wU2vUFr
y65nLwGTgd/kMx5FBsgaowrbeOETrsmhCulGlLpgD1zpFd5+FvfAPqFtRNaxF1+K
ZJDc9X6EkoZRpKoWOTnWOwZfhS6azfm8YZmCP3Nugy7gCUxCgblNwGM09E50k375
hOHRvMZtZsUG281ykjUsZ+2erNteLEChcF5hNCjz/1MDgGoqDtxhHEzUPyIBhGlw
d9n9TKlb6dNa26J3WXjh60gGphI3Wnu1n9vSSvF3bJgcDf67kZBWVpvWvFdLJAmo
qBIvgjPIdPGnGawTH6QXlg4cPmDlfJlKpsC14KLfaX/R4IbSUhN/TLfg5me09ptG
s0sA3jwr6WsY9h5vdcVJc1lXNGJCPiW9YfELb6tsSXddRjW49wcbKKePJjV7qZ6o
xVWRimwQGPChMWN3gqHactJsFEbhrhk/7CV+R7CrFqt1g30/wJuW6/zboU+XK3IW
NTNvOnCcQUGHYjs0Ym5tAuVpbrd6ZglfeVyMCpHjXwPgeoSb0tnecvDlS1cSO34k
pujTsa48GYURgv+Zkch/xu0QSVNqYQsHcJNx+e0/NfcgxCjy3LEdVwfoGDDbRVOe
/ooWinX6TQDQ0PFcfEnVti8kmbdAi2AwM51Y9q550fkvpkeiDbc=
=sv5V
-----END PGP SIGNATURE-----


Reply to: