[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 876-1] eject security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : eject
Version        : 2.1.5+deb1+cvs20081104-13+deb7u1
CVE ID         : CVE-2017-6964
Debian Bug     : #858872

Ilja Van Sprundel discovered that eject (a tool to eject CD/DVD drives) did not
properly handle errors returned from setuid/setgid.

For Debian 7 "Wheezy", this issue has been fixed in eject version
2.1.5+deb1+cvs20081104-13+deb7u1.

We recommend that you upgrade your eject packages.


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAljaI/oACgkQHpU+J9Qx
HlgfsQ//cEoz/qhvqq3hTaoWc0up6qf362QhflT+hGq4cmsRtvDh+JyUB+qw13aE
gcmmbLdtOtzWm7zUZDQsJraP0ZIEjaHE3xtNR3rbzvptzEl5Ju+JZoLIHSocG7p6
0JOIXOjHT6AjgGqxMlVJNazGwQR8hcKpMqeLVHTM9K9Ypa1ZMPGsybEWs/0FqCwy
PYpLQGBB8XDJdXO7dJMQb2zi9J+CTm++s7JZVD1oSv4KlOsz720cKrwkITKfpYvP
qLIIb179JYYwX/rU238wBqCxl7VwpnX5QRhpbZ0zIKNTl3hkvUybYM4saM1s1D1t
23PWc7QJgD5asOuMkuxnj1RsJouodPH3AEsqALRL9R5ELwRdmLNyizCF7RCSShQ5
pcv3u/IKR0Eo/9UjWDAx8hgpNYCG5ELhVI2HdIQMTTsWpGnazTD4387/KLrT8enE
S8zTysFtBkdp6sbL06gSUXwkN97xwJxY6VaWDelosAkK0L04ScQwZmyCYO9QCCoF
ZOg15pXw+WZPDhtJuwH2+GH020tx8YbT6G5WebttFhwvofkEA/pqW7tn+aS9redm
tCkgp+sXk3rkWT2O/Ieck8JouEvAURA1nJPHbpaT8gOnXejYKZFQADCK1knqxjBf
8/UIZic+AbTPWhi/GlkL+abMCNivf3/VZJW2bRcniHIoLbMKZEg=
=giwa
-----END PGP SIGNATURE-----


Reply to: