[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 864-1] jhead security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : jhead
Version        : 1:2.95-1+deb7u1
CVE ID         : CVE-2016-3822
Debian Bug     : #858213

It was discovered that there was a vulnerability in jhead, a tool to manipulate
the non-image part of EXIF-compliant JPEG files; remote attackers were able to
execute arbitrary code via crafted image data.

For Debian 7 "Wheezy", this issue has been fixed in jhead version
1:2.95-1+deb7u1.

We recommend that you upgrade your jhead packages.


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAljS9d8ACgkQHpU+J9Qx
HlibQw/+O13pmuUaGgo0CBiH5TXF85ohI3ibgatvlUH//+JDdKLVylRnMKfdCqtR
6o7suogYk74Fm64PfClzCLRgYnyCYdeT9uneIb7d7PBtxvsqUpcEyjRXAwzdgYRF
5+CeiTwFgn4Y3mbIcfdGBMJHkZ2fxIqS2cZ4hekh9SZgztZcKYE+gkVr3jiL8uxf
HEczu0JZ3snb13tY1slCGg8N9LapnYT4ho1jQz0Y3+Js4N5EIeOxodLARJhAyJIj
2AQsMFb3h5Bfsi4wyqYiCGrTVRzyhkvDcuV/f1rXjD87OsHYMRMMchm65+WXADeM
8VzMY80Nv+ATvi8trK/jKp5QsUQi/EEdYIvMOCk2jcKgDLjeVRgFGViUwst/R1rF
NUniodtsEXuAXtcTgwCJ0DlBqVGLcoEKGrQGHu4m4x7tzvUXDTICSfyx8PfKOmjP
Tbo921ZenoXUHVN1CmCJYP6LyQKIOpL54n4ImFoV6IL0or66FQVvacWKwlKa1xxE
T7bzGisP+fcLkQZGYzDKs5fG0M+0sPb7Ci5jvFyzchk/Az9Ae42R6vNv+jQUVZc2
hLbJHwELPCF7mHRy4Fa/5orJLCNkPghmLK1JhZa+BtNM7tnXhfjjL6jI/816OFnQ
Mo2E07zmJIfayMxrbBI9qvr0OgpJnuvkqKdjHcVsQ7qoS1NAkEQ=
=80OV
-----END PGP SIGNATURE-----


Reply to: