[SECURITY] [DLA 1067-1] augeas security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Package : augeas
Version : 0.10.0-1+deb7u1
CVE ID : CVE-2017-7555
Debian Bug : 872400
Augeas is vulnerable to heap-based buffer overflow due to improper handling of
escaped strings. Attacker could send crafted strings that would cause the
application using augeas to copy past the end of a buffer, leading to a crash
or possible code execution.
For Debian 7 "Wheezy", these problems have been fixed in version
0.10.0-1+deb7u1.
We recommend that you upgrade your augeas packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEjtbD+LrJ23/BMKhw+COicpiDyXwFAlmhv1MACgkQ+COicpiD
yXypxQ/+KYR4QgpBm+OHDXNsKyaDqKFMSSU/AOo/HVESrm+x6CkmZVXnFmGmo3XK
+FwNVeYq6KrzREAK5dq3wHoGF0izXDXtqgh7UpLtruUtjPR4+UR8qwP+WX7aIPWo
a6aj1yEvTyUegiFYgWD/ihTv15382HirdrqTnDCNyJzfF0T/9pTjwWf3ICh4FPIN
W2x5cKvL3U0A9xBKYe0Gc4jDotcnhqpruVg3wEpSMxwF8jhyiAcynzuYyI9HPwxR
zC81pxgH/32Dw+2w1+iMP4sm3yVdThqENScecJiSvUFAqaC8ZEgmCP1RbS26lSV4
jb5zhac7xmhSRSgc4vBaxM9j3tVDo+vVin+mkJ87/8/1zTvKKYY6e7jDSpCCAbDj
mPD2ZX2hcO+Tvoh2Je12dq9xXVktFs9Y1K+NbatTFoMgKPEGVxIWfkhl9sdUnOAz
HvUVRlP/uzM5Anour8JEs+TGL6tHtIvt0xe5K7bKq4V7TEqE8afS3FD0aurzUCkI
bQiLaJ8fNY9Y0Hi0WnS3H4hEz6usYzWlT+plVRXpq6x+4pao30Z582kn00jHJMiN
wgrc3AFXoNbP8czocrXsNF9j58JY9fYJqIPRFs2Bghgxd36nXQNwKMoORiKOCb/g
3nCEhkWnOSJss/fSJnIz27F5WoYC9N6hIv4AtICsaIkMcT9/C8o=
=vDxG
-----END PGP SIGNATURE-----
Reply to: