Debian Security Advisory
DLA-1465-1 blender -- LTS security update
- Date Reported:
- 13 Aug 2018
- Affected Packages:
- Security database references:
- In Mitre's CVE dictionary: CVE-2017-2899, CVE-2017-2900, CVE-2017-2901, CVE-2017-2902, CVE-2017-2903, CVE-2017-2904, CVE-2017-2905, CVE-2017-2906, CVE-2017-2907, CVE-2017-2908, CVE-2017-2918, CVE-2017-12081, CVE-2017-12082, CVE-2017-12086, CVE-2017-12099, CVE-2017-12100, CVE-2017-12101, CVE-2017-12102, CVE-2017-12103, CVE-2017-12104, CVE-2017-12105.
- More information:
Multiple vulnerabilities have been discovered in various parsers of Blender, a 3D modeller/ renderer. Malformed .blend model files and malformed multimedia files (AVI, BMP, HDR, CIN, IRIS, PNG, TIFF) may result in the execution of arbitrary code.
For Debian 8
Jessie, these problems have been fixed in version 2.72.b+dfsg0-3+deb8u1.
We recommend that you upgrade your blender packages.
Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS