[SECURITY] [DLA 1060-1] libxml2 security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 1060-1] libxml2 security update
From: Thorsten Alteholz <debian@alteholz.de>
Date: Sat, 19 Aug 2017 19:08:21 +0200 (CEST)
Message-id: <[🔎] alpine.DEB.2.02.1708191904180.20574@jupiter.server.alteholz.net>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : libxml2
Version        : 2.8.0+dfsg1-7+wheezy9
CVE ID         : CVE-2017-0663 CVE-2017-7376


CVE-2017-0663

   Invalid casting of different structs could enable an attacker to
   remotely execute some code within the context of an unprivileged
   process.

CVE-2017-7376

   Incorrect limit used for port values.


For Debian 7 "Wheezy", these problems have been fixed in version
2.8.0+dfsg1-7+wheezy9.

We recommend that you upgrade your libxml2 packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQJ8BAEBCgBmBQJZmHCFXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5
NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHv8UQAINfbp0c75aMLVxltscujDCG
CcicK3oSgd6K69B5/bwT9dvO1bL0b57qbk4GFwT0KCVc4LZXD+ra8uJ5QtotsqQS
lY0VHeJLAxhEHK8fIgv9VEGGp3o+yYQbc2Lp2dhbUpDxYaNDs964+uLbnX9dqgzX
ctxrOO1EkAIyb4m6KkBxBN46s46jGnVtZ01JOY/lJf18sL4gCoI9GUFoyIDBih+P
ye+IJG4GrXYdaQcHb+ay4Q/Yx9BZoDy7Jcf7C5krZGL1+YvxLkYxyTNagR/GDMnD
ksWv9fo6Lmb8rukYSrzsri6ihvKfypRbmTKpmDK+lm3FFvkNlDjAzAT1s1AxjOWu
ljNkWAoT1wktcbCApjGoxpaCQkPHhchsGOkdQUCyAMGIiu1MLadMqSm4i8xYu6km
7VNn8IpAGLBBUQJVU5Il1+gZ+w0346svGzUDLlhtICbmHCOraY8mpa2yvjPpHmI5
SDSCxzZ1UvQNip9ts6Qc3hey899JabEplNMLUn7dgKi5FmwfyCuxIBP3j5tAnqOu
n/x0O0ONkUiEdjdsPdxlaH/KsxP+EUu0PyXAq0nFa5ges9G+TSZzSjfo1gZ3Tp71
/89TbRpNXfDZnZ0AfT7oFWxOOnR/9ifGtOua6UxPvMB3roo91h+q3ZzLHjr1T5r8
hnZc9EfvEe0ohUMEkARX
=+rpC
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 1059-1] strongswan security update
Next by Date: [SECURITY] [DLA 1061-1] newsbeuter security update
Previous by thread: [SECURITY] [DLA 1059-1] strongswan security update
Next by thread: [SECURITY] [DLA 1061-1] newsbeuter security update
Index(es):
- Date
- Thread