[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 1341-1] sdl-image1.2 security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : sdl-image1.2
Version        : 1.2.12-2+deb7u2
CVE ID         : CVE-2017-12122 CVE-2017-14440 CVE-2017-14441
                 CVE-2017-14442 CVE-2017-14448 CVE-2017-14450

Lilith of Cisco Talos discovered several buffer overflow
vulnerabilities in the SDL Image library which can be leveraged by
attackers to execute arbitrary code via specially crafted image files.

For Debian 7 "Wheezy", these problems have been fixed in version
1.2.12-2+deb7u2.

We recommend that you upgrade your sdl-image1.2 packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlrH9L9fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7
UeR6lBAAm3kSIISjjNe0DAx3Ln8LIsxOA86sQk3Fg8uxDD2ljA4YC6KFuTnHT5ui
Jt53qId68su1HFRoceueefx5zPN6AANALo9VE4Pn8sj1xOv2xsy/w5phEda8vn3F
gNjDTzqGNl084tdLGCwvIveHivcopiyGoSrWrI6tad9KtGZFIGHS54gAuOod8zkZ
nUEflYY6mTV9489uyVMLuKl2rni2yspo4ZJJXED7nibfq0f0NbPvZZ0FwdmLGToD
RIZopinEGZA1TOpl2BT7QhLKwZdhp8dZS1DoW0oBRiGgv2FurAgER1Ozn88A3rKl
Pmg3TSQa+aYhhJ3kG8I63Ga8f5BIUX7XbIYzK0Cw7ywEzYq7ukLnhYJCEKvDi1Be
AIh114fCuyX9W1S3sPxXrg7GcWPxeYPf7/+6+ilobn7WAWcJHHdq/DcANXfco252
ZUw8/Becpbdz9iGiDW6YUEEC2+V5eN3CWPjyCvZES7cet3djdTulaLn4ZygKaeKm
sx+BiBR4ms0UrYD58uhbXSz1mV5AUdTYf15XndKP48gDyJy5dgdYqMwnBHncEK/1
vHBP1TgdMvYIBHfSp/tcMILgApJyxjF9B4LxUORn7HfieN020mxglegmcXcYW3FQ
rxpS7ofcmZWlEidTlxFz1poDg6ZYeqn9jVkBd7SdJm3cYygJ19A=
=7gFw
-----END PGP SIGNATURE-----


Reply to: