[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 962-1] tnef security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : tnef
Version        : 1.4.9-1+deb7u3
CVE ID         : CVE-2017-8911

CVE-2017-8911

     An integer underflow has been identified in the unicode_to_utf8()
     function in tnef 1.4.14. This might lead to invalid write
     operations, controlled by an attacker.


For Debian 7 "Wheezy", these problems have been fixed in version
1.4.9-1+deb7u3.

We recommend that you upgrade your tnef packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQJ8BAEBCgBmBQJZLInoXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5
NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHvxkP/0g4csNAmIYky8I3RAhPXBnX
ruS+Rqj0BqbT4wb8nBTVryAd4LmlaEdJ5C1HbxfccGcSRqzHlAqdlZRojPwf/SIn
nQtlq3DPXwzZylH6dK66gxyZEcjP8wLm21MHvNQrjjHdFDSibBpdjvkxUQQhiO2f
fsC8PwA+rXKhMie7x/b/jEJZYQKIx7BVANeA+oUFKIbTD6/r2a3tQKs8IBo0iwtZ
Gvihj9Mnc5lzRxHCgjmD2bvIw9tzfn+TFOIO5qWXlb/31Qp7mDC4+/4vlFF4fd5D
ucgsMtwxkHba2KSueMFx67UngOUnAX3mtx9VLFw77z7OkWGG1fPuj4A8/MtwSyEl
7kSl7FQqSDmGyHnq33CHauEBjQOE5QytjQ28JhC0KFhXYT1FGEZMK4HE7KEHiGZ8
GULk41H5ACXH0I77sBtsu0EPwx9bE5upZ06mlOoAZm4iPHWcOIgvm5r1dOw1n5j4
oJ2g3j2C+tU2vDN8nR+co7QKLwBz9kjOQKWcEIGu2KV50L7SLqTvD1sv0kLU6QKF
1FwKf07TGNl98aABCp+wEWLRj/g/1AeGWR/kJx/mkRoGWO/soSel4XWWVADy1NHM
dBjfUSBToq0kI9zrxDM3UKMRIsV+tLqXpwMzY7hDsaE1cmt3vyCxlx7obLjyT99p
FMS3N5oGIRxbiAhI35F2
=9uUZ
-----END PGP SIGNATURE-----
Reply to: