[SECURITY] [DLA 1340-1] sam2p security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 1340-1] sam2p security update
From: Markus Koschany <apo@debian.org>
Date: Sat, 7 Apr 2018 00:13:57 +0200
Message-id: <[🔎] ed117ad4-e218-2508-26b5-3a20933c0d54@debian.org>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : sam2p
Version        : 0.49.1-1+deb7u3
CVE ID         : CVE-2018-7487 CVE-2018-7551 CVE-2018-7552
                 CVE-2018-7553 CVE-2018-7554

Multiple invalid frees and buffer-overflow vulnerabilities were
discovered in sam2p, a utility to convert raster images and
other image formats, that may lead to a denial-of-service (application
crash) or unspecified other impact.

For Debian 7 "Wheezy", these problems have been fixed in version
0.49.1-1+deb7u3.

We recommend that you upgrade your sam2p packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlrH8SVfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7
UeQRUw/8DtEQq0IouaJL/nGbnEswWhe5zOmfKgRJ2yyZW7WRWpVI2LETouxzq54s
8pQK6Ok2+uBBdh6d0v3MmtnJBdExQFSgdFM1enWyvYlfeLReGIVnT0UQJ/7UDeFT
SdniTXspfaQVbr67L9+IVh1xT4hu0eAScZL916vjWDLBMHhc06IU81tq/BDnTL2g
H8or+0sVoh4F7k4VlbM2MiiL1Bfe1QdzOP+2wleYrnO3uQMLysBDPJoytaLsPbpB
JBeiY0myAUpv7LF6EwmeIofrP5ZxreZ+XH9JhsLwjXkQwWxs4K7UWaOsEkKbh+7G
ut5mBIyCtGTfoQESU0B3yMLjs29CynT3PzsDTfel1c95uyasOiCLtY8hi8gvBZ1W
xPqUO2sqcN9UjASL//79IugBlztoyi9kHq29u78YReQih+XwI2ygDmvXR2YuYCx/
eaQ5NRqr2L7MhUHjARd5E1aRpaaSivtbbNjV9qpgju08Uy0AeRLbWHmGLr3yfkCv
AeEd7v877IFR4gSWE4Ds9Ilh2j/tpLZTbL/y0IK/rM0VDQ/ZN9/Q7k71srQr5PnW
9RTVamt7LG6MuTmcDLkg1yVclPB4UNaMD2HfBzke9b8raPHoSd6i9hd91sWHTC0H
/vgCNz+isWM5WBmUJbHtzGLiSeq4ttGEG30DkTS14X6WaauzPLY=
=bUus
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 1339-1] openjdk-7 security update
Next by Date: [SECURITY] [DLA 1341-1] sdl-image1.2 security update
Previous by thread: [SECURITY] [DLA 1339-1] openjdk-7 security update
Next by thread: [SECURITY] [DLA 1341-1] sdl-image1.2 security update
Index(es):
- Date
- Thread