[SECURITY] [DLA 837-1] radare2 security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 837-1] radare2 security update
From: Thorsten Alteholz <debian@alteholz.de>
Date: Sun, 26 Feb 2017 22:58:40 +0100 (CET)
Message-id: <[🔎] alpine.DEB.2.02.1702262256010.13179@jupiter.server.alteholz.net>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : radare2
Version        : 0.9-3+deb7u1
CVE ID         : CVE-2017-6197
Debian Bug     : 856063


CVE-2017-6197
       The r_read_* functions in libr/include/r_endian.h in radare2 1.2.1
       allows remote attackers to cause a denial of service (NULL pointer
       dereference and application crash) via a crafted binary file, as
       demonstrated by the r_read_le32 function.


For Debian 7 "Wheezy", these problems have been fixed in version
0.9-3+deb7u1.

We recommend that you upgrade your radare2 packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
A
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQJ8BAEBCgBmBQJYs0+QXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5
NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHNjYP/AtSOVwKFJ+qNywI+SEixqv5
7BWfWZDrv4eGXPHGbyAEQGpTqw4ybzrLhoWPxKz+l5y86wL9HIRRdiB21G5nhArT
JFiibnIoceRSbj237Xaelcv+5NFohfuT3pLEfPjV53kNlxzWnwf3fRVkOzYxB/Yi
O25tna+A4hIVF0wg0zMt9jF7VzMrVhh3xuS8JhFuro7yGsAIYjU7/rvMR7/s3SJj
nxS71cJ99gdFwa8Jq2Tg7ArpgIW/PQ7Pv3DS6OkumBFnjzpn5lHebzhZQOg9RVDW
jhhP8Dcl1h9ITGe8OM77xy0c7dNn23xUPlKrYeqBDqZtyFHQfcq8arPRC3pZsQNP
kCb+sb7Uxtnh7STosWHTWisEciVyNw8JaG/6tQyCiBKU8nz0DTXgUs12jQ5E+bQJ
g9wqlLyywE+LQ/zk9inBAuoQDlguV3E6IqewJ+PXN4Mwn7q9mWLXHrRTsPakeqDI
eMiOBetN4eqUyZNrCmPobL49osq5z6S52Os2XRJkeFYsjzyvd1lX0at5ujab/V1d
zWXDIlIZF3ZcUr+CugYaFQvW5MwMkvoqnVNTlgVcCNcBVQIo458iLch8SydgZsYJ
LVOO4Q/LvroIVjhwR8+FtEhm0OE4Cfx2AmcUZ0rVGQUHq8cPZi9jeS4CdnXM48kS
vT6dnF6rgr8vxsRwR+Ko
=p117
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 836-1] munin security update
Next by Date: [SECURITY] [DLA 838-1] shadow security update
Previous by thread: [SECURITY] [DLA 836-1] munin security update
Next by thread: [SECURITY] [DLA 838-1] shadow security update
Index(es):
- Date
- Thread