[SECURITY] [DLA 839-2] tnef regression update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 839-2] tnef regression update
From: Thorsten Alteholz <debian@alteholz.de>
Date: Fri, 24 Mar 2017 22:44:18 +0100 (CET)
Message-id: <[🔎] alpine.DEB.2.02.1703242240530.20308@jupiter.server.alteholz.net>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : tnef
Version        : 1.4.9-1+deb7u2
CVE ID         : CVE-2017-6307 CVE-2017-6308 CVE-2017-6309 CVE-2017-6310
Debian Bug     : 857342

While fixing the above mentioned CVEs, upstream introduced a regression.The new patches added for this upload take care of that.


For Debian 7 "Wheezy", these problems have been fixed in version
1.4.9-1+deb7u2.

We recommend that you upgrade your tnef packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQJ8BAEBCgBmBQJY1ZMyXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5
NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHiAsQALsOQq3/4HvH6LY9gNY0c5UD
8XxizD4r1db930uLe4vxRGQW5Wn4CPkuue7+4eVLMAlW98HaoDz2tOMReYaHwZAR
BRkWySD6eiAq0hK6O4scuhssur2dTa1MIOe0ohxXzVJ6K0UkCJRHM9IFBTjcO3ov
4qqskJonB8CzaO1fRmi+K5r+ciKAotbFgshFAZnW7nm/zjUxSj9jKEXyruxX9Efc
0dINBnNqgAU3HmDweIEKU8T9Fp77mNoA5MrMk0/MTBScKomotHjEccDuPp0utiJV
Pfe28h2Eq/vhG/gTPRFI8nkGr1A8bgfECtyaP+wBc3hf75hu49xOg37T+2kr4Q5x
X4aIqp0ShSnjMREaX3KBJGNI69PjoEFICmpl7I7xYHpSJcpUsbY2H1rfXuTCSu6D
dpnsw6gwtfd6qlPWSOsSHWIqCfeBfVNavD7hLTejqafDKA7Jn0tB1WWVGmdtK8j7
9+ywz6u+nDJNrQupbhF2wgLp2i2DFuCNEMf6LsbGIrNstvsZjfftPwIhzYjfJODO
vB9SjjKd6z9PONtSxHIDj/gDIHHyy/s/d7u979slpDbJ2SvdL62q6AkN7vmJsAo0
+aD4hrbMFUaSS5yjHOrN667lNrBdTIz6GAK/qsGdyLyaTN/+VUszn5h3Doe5GV2m
2j3OSUlslbA2Bk3Mz4WN
=V2ag
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 869-1] cgiemail security update
Next by Date: [SECURITY] [DLA 870-1] libplist security update
Previous by thread: [SECURITY] [DLA 869-1] cgiemail security update
Next by thread: [SECURITY] [DLA 870-1] libplist security update
Index(es):
- Date
- Thread