[SECURITY] [DLA 929-1] libpodofo security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Package : libpodofo
Version : 0.9.0-1.1+deb7u1
CVE ID : CVE-2015-8981 CVE-2017-5852 CVE-2017-5853
CVE-2017-5854 CVE-2017-5886 CVE-2017-6844
CVE-2017-7379
Debian Bug : 854599 854600 854601 854602 854604 859331
Several heap-based buffer overflows, integer overflows and NULL pointer
dereferences have been discovered in libpodofo, a library for
manipulating PDF files, that allow remote attackers to cause a denial
of service (application crash) or other unspecified impact via a
crafted PDF document.
For Debian 7 "Wheezy", these problems have been fixed in version
0.9.0-1.1+deb7u1.
We recommend that you upgrade your libpodofo packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlkE9RlfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7
UeR8BRAAvpfEbeqWsys1jNTXlW1Q6VtxJpVDk+bYlMdacq8/FjOuURvVrs174iYL
bqEE8KPUdvv2YfHqVFbg1yyd0V/q6LkntLd0BEMvm2TG74PXnwqlgb08GQRyqVCM
3kcFmYjo/1bnfBZW05/UKZBsYOxrPqlZwQzZPAGBrDwaHXIgIs0rIZHCu+UHL3Fd
ZQyXOjzqIqpPy4Grr6Ebi/GxpxK3OuPcRMobtb2DGxj8Ghao5Xs5OfnXEXFNFxMS
ERXQNGAC0E+o4IC6+6LWO49vEP48RFm/LoNeNATMXh2lEKag44K1HprPbTCSQjx7
cWg/I8POUhDNAiM+E6wvY1lkawpOEXshPCVZdyjzqlktiNKX2N2KTJh8i/MT0G9M
Ex4poebolZFm7Nqod3KAKLYWIBWtSpAhKYiJhZyQ/e6vGlMMtmekjFFGzLJUjVUb
71hGPjrUy4vp1J73Tf0zkJwz0CSi9U5wG4bvMPMgAYNVY9/00awe1kIaMQOlpuJ1
TVIcfU20gkt9XzfUKAqwKAaBT4mcpQoULR3Bqc1CM80Fr2BbVcC4nt9hgb8wyjI+
5bj2WZbdD9NpE7gcKbsiokNtGZ5EGmIAWSR9dcn/10kYoyoTyp/evbPuKx15eMMu
rvtOmdmGrAKUsddsawHvbR+Mf8VgHdZ4bSf4HVVvaWPXul47YSE=
=83f5
-----END PGP SIGNATURE-----
Reply to: