[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 1465-1] blender security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : blender
Version        : 2.72.b+dfsg0-3+deb8u1
CVE ID         : CVE-2017-2899 CVE-2017-2900 CVE-2017-2901 CVE-2017-2902
                 CVE-2017-2903 CVE-2017-2904 CVE-2017-2905 CVE-2017-2906
                 CVE-2017-2907 CVE-2017-2908 CVE-2017-2918
                 CVE-2017-12081 CVE-2017-12082 CVE-2017-12086
                 CVE-2017-12099 CVE-2017-12100 CVE-2017-12101
                 CVE-2017-12102 CVE-2017-12103 CVE-2017-12104
                 CVE-2017-12105

Multiple vulnerabilities have been discovered in various parsers of
Blender, a 3D modeller/ renderer. Malformed .blend model files and
malformed multimedia files (AVI, BMP, HDR, CIN, IRIS, PNG, TIFF) may
result in the execution of arbitrary code.

For Debian 8 "Jessie", these problems have been fixed in version
2.72.b+dfsg0-3+deb8u1.

We recommend that you upgrade your blender packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAltxZsdfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7
UeTTuhAAvOVxnABUH5iI/00MP6OI6XPAJtdm53HYdhaKuo/xwH3riMqcCBNMIDKk
6oWR1Ad++XXod2mdgOqMgy3OsEwPBIG1NuhTw/Mvb64qeNUgFiyQWB6gF9NbZUmf
ZlZ2ksXLd9ThVs9rPT5StdryglXGd+mA3gEKPWVxA9yS94ZKFyKJtYL7mPYYAhtk
pejTujmC4/HbwqdAl5t+z2OkDCish5IWTGa1BDlpn+oI+G1V+YdpTFY5caYC5XmZ
fvB5qVbjQsWIapPyUDxeBD3rRXcUHlJvVYIpn0UOTJiKAQ5tODO7kMlZ7QbBTyXc
21cEl50NWaCPCRF2qBJzRbjZIl8qAGYf6NVPkO3BTvY5sDua1O0uJIBsVMKWDxxj
AgbJItVNvM0HmIvm5pmT3oof6CZrAhtSHFOoFMYftX/TiAsMVz4M27r3JcCCkStu
FP7REAFz6XEbLQe78FnAvXKh7HsSbZijAqNNacSuAzk3AMoRXL5aoXAdsdEowZcz
HJd5l0Cl7SyGinDSGHsvGb1roxH4QwRJjKvYDrQYDfKg3+dsgmpTWHxsWk2NBzAM
W+revsoqvhj6pvAasIgbH7AlWZ70V+0Frp4USKN4BAzzPBc2aP1ZInWPIcKNKY59
G20Nis7PX8TqMry2q1KJ0rBLT2ht9Q0cZbdduPjygQVerQ/ur5Y=
=XLtu
-----END PGP SIGNATURE-----


Reply to: