[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 861-1] r-base security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : r-base
Version        : 2.15.1-4+deb7u1
CVE ID         : CVE-2016-8714
Debian Bug     : #857466

An exploitable buffer overflow vulnerability exists in the
LoadEncoding functionality of the R programming language. A
specially crafted R script can cause a buffer overflow
resulting in a memory corruption. An attacker can send a
malicious R script to trigger this vulnerability.

For Debian 7 "Wheezy", this problem has been fixed in version
2.15.1-4+deb7u1.

We recommend that you upgrade your r-base packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

- -- 
 -------------- Ola Lundqvist --------------------
/  opal@debian.org       GPG fingerprint          \
|  ola@inguza.com        22F2 32C6 B1E0 F4BF 2B26 |
|  http://inguza.com/    0A6A 5E90 DCFA 9426 876F /
 -------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBCAAGBQJYzFqcAAoJEF6Q3PqUJodv9IYP/1k/eC3ZjiqpCxKXeszs6pkn
CEiQK+tbSV4iSHE+5FwyU+wQWdh9ZOVkJ+SsH4QI9sYqbAtuY0FhGWst/rE5FH0o
lU8vylKKGCwWR28Pyop+v1LlnHhTrEpdeCLaUOfR+MsnI1gzjhYIOdGZvd7PD/eX
V+iPHd/un+IJW3hIizEV/+WaNNrleDE/fDf8bmrZF/CVZ5ov90nHmmaCImlK7K7C
FxyV7p0AicMgwBnoRq4j6U30RcXoQRIy60HlNxyaqGfyg+lUAPusqYwiGB9a2LhG
y8voDxaa5fH4V/1+X4zezYgkgTv1VKU4/Cnr8whKCelbQmbVeJHPdVgUwtQHRyoK
4D0dc1aFvlH9nx2dHTVHEZ6oKNa7h1bT9qTjbhc/GFzWBccf1kjgpwHol1aGpaBL
odbfHMvSrV/B7W6fK3PT/7g3y8lvX7HkSW2weQXZCpIXmgVnpAL/wy1MZUrvv/Wt
BfMnSpWGGLxOfrINJuc7paXP1fwpNAhwvHyxjgnJ660wQVxB0M8QEKyILjhWdCU8
kTZhnoaiJwJLsuOPE55tDHbnd6H2c1Cgi5M5LYiKQEynklJSZ1fRdy8pKch9yDmG
a3DIi6kN3fmFyM2jQ+HVnjHHxovwzTJiU0scM/L/+zbzFnROmHtHX53lnLCgzenG
5Y3JX8kdzu19zAfYcQ6x
=9VJG
-----END PGP SIGNATURE-----


Reply to: