[SECURITY] [DLA 2035-1] libpgf security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 2035-1] libpgf security update
From: Thorsten Alteholz <debian@alteholz.de>
Date: Sun, 15 Dec 2019 23:52:30 +0100 (CET)
Message-id: <[🔎] alpine.DEB.2.20.1912152346580.9184@jupiter.server.alteholz.net>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : libpgf
Version        : 6.14.12-3+deb8u1
CVE ID         : CVE-2015-6673

An issue has been found in libpgf, a library to handle ProgressiveGraphics File (PGF).

Due to lack of validation of ColorTableSize, a use-after-free issue mightappear in Decoder.cpp



For Debian 8 "Jessie", this problem has been fixed in version
6.14.12-3+deb8u1.

We recommend that you upgrade your libpgf packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAl32uS9fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
WEepxxAAlGof/brEljBjXDwm4Ws2zoS9HYXpEbewGl+u0/8YPnv9N6AxL9mq2QXE
630mqPKfOaS91WS4GA/HInWrFNn46IduTpzBHmplBNxKgmeFzvCbgc8FvPwZYlnD
9z4mElMsHP04VKz5YjW0VS4MZyVFxRTmeToCnc+aJRuA4IU6OtleSYAYgpVzeQGK
cccOdHZaI1pLUmkPndl3Z5dW/RvQHEVZuuJzJCEfM/YTNS8TZDQkjUOJkmoyVv8+
+vW9P8JEvCaRAoVnlVpQ8pR9zD3iO4za4GLjijxF0wrfNa/09xSIhg20ZHCnZphA
tER69CTXtLB0tWbrpZJCmh0GtGXPfJih6qslHp7YS27kpSYlU06IbMXHnvxVfSaI
cI2DYKhKZ5lCFLBdMJzWOBZLxMRhh/+pabKTwdovYImFDfOko8xtqZowbxwmIy74
k0UH9elx4g68SvcDrPuNv3eEdRp4ZGT8qgIw4J00OnmU7SuBoGeif5EsoxybEmks
LuLeMYVucROmFQixpDvb8/XtIwyaDk6dFTa8mYNGTUC627xCuDNqpCBnPFK8WGil
0vZkxWvnno80rY4jJOeGCweYiuyE4vJJU3Ge6siGlhdAd77J+PzbwSc/23wxRhPh
ko7XCmhSBXsS6mSei7RFwePqVTFazo6YE/yMkeb4/D3oTCE6n+I=
=J0Ip
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 2034-1] davical security update
Next by Date: [SECURITY] [DLA 2036-1] thunderbird security update
Previous by thread: [SECURITY] [DLA 2034-1] davical security update
Next by thread: [SECURITY] [DLA 2036-1] thunderbird security update
Index(es):
- Date
- Thread