[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 1111-1] weechat security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : weechat
Version        : 0.3.8-1+deb7u3
CVE ID         : CVE-2017-14727
Debian Bug     : 876553

It was discovered that WeeChat's logger plugin is vulnerable to an
invalid buffer read which can be exploited remotely to trigger an
application crash or other undefined behaviour.

For Debian 7 "Wheezy", these problems have been fixed in version
0.3.8-1+deb7u3.

We recommend that you upgrade your weechat packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAlnKjXUACgkQnUbEiOQ2
gwIY9Q//QgLWAdHqajYIl+jAhgwtcbT82qUuKAJG+fSjhKoUDYoWJ5WBqFYiPFrY
hHLHmcbk/ToUSeBhSuIWwx4LSx63Jp9S762MaBqlKnUTXH+tc2XJoa9M3ipKd4XM
MjkvlIrAFkYCk+3p5Kt72HVF+20KSuDtLrmBMFAv9NodeAvzHeykeAEkfx7zCbYx
7DwH7Eh7pW4HX6GQ9Y3PAb+s98K6PiQB5ZC82RV2+CI2x/WSUF8txTFZvb7qRpqB
7ELTjHqyza1dXpMBO9nWR2QRp5XSUslYZpdY8xI4yFiZ1G/LIdWgGje2vNRqEbY1
oAjvUvauX1LRowx4IkHF3bAU3l9bF0g03VRWMTDo/OaCPD0V+zKw0dKJFo1MwzYs
moym7AF1Lo725ISW0xLlG0opZjlawukk8Ogtr59bSpNG0KBmTBxnzREORyG9lJMB
XCGVkEi2fZ1c84pXYhqP+z0tf5AYdK6hGOL6MBEtY5+gTw+5Aqra2H65YweMWTlm
YYsVlpgAWH8NErFdrikvi5NaYIstU/tj+TNKMgAabQXybpgAMYwK0xOyrnlovrZp
1Eh3AudSmKphzDjX994ANQ4Y5DT8BVUtqQLbmy5EzR3zTOsud18WE4yteWYxDeK4
Ycbg0xduTwLcW/lZkEhRvv4iKYsIjFcqintIAplXVPEWde93kVA=
=isFS
-----END PGP SIGNATURE-----


Reply to: