[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 2131-2] rrdtool regression update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : rrdtool
Version        : 1.4.8-1.2+deb8u2
CVE ID         : CVE-2014-6262
Debian Bug     : 952958


It was discovered that there was a regression in a previous fix, which
resulted in the following error:

ERROR: cannot compile regular expression: Error while compiling regular
expression ^(?:[^%]+|%%)*%[+-
0#]?[0-9]*([.][0-9]+)?l[eEfF](?:[^%]+|%%)*%s(?:[^%]+|%%)*$ at char 18:
range out of order in character class (^(?:[^%]+|%%)*%[+-
0#]?[0-9]*([.][0-9]+)?l[eEfF](?:[^%]+|%%)*%s(?:[^%]+|%%)*$)

For Debian 8 "Jessie", this problem has been fixed in version
1.4.8-1.2+deb8u2.

We recommend that you upgrade your rrdtool packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS


Best,
Utkarsh
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEbJ0QSEqa5Mw4X3xxgj6WdgbDS5YFAl5dVz8ACgkQgj6WdgbD
S5atbRAArNMYrRewmc20kFoTOPiRep7MNYKC4yL1wNhvcdZidoCjVfy2W2aFg/4Y
xBTDkoO5px3KMBFaNjO/s1EevQkP8iP2mTDwt+jySRAK6szBApUy1OHp52nomkpf
tsvAXGDtGiURwN/XTEJo5KZQ2KrhdOCNK9Kh1Eh7fVtINvqd5bzByvrFENrmEHPy
NZ+rr9UwF2H224wjc6qFGgqmsW+m8UJ8fkKaLEGDzviE2ysfN+VSrzqAskPEOYpX
9ESqh4S4qUQqvwUoHRThUDyyA5LiCiwixSoetUF/etPdupctVX0hFodPsbn3dzgZ
J1Ay+Ve8fCMfHwiu1n7lD91coVE4abLJrzRpj8NUIC+UX+4yHEOTiErgx6k0Bgw4
/eqhK43gL1+7N7FyfUF6LAGbWrH4L0xoPO8EhM2dhy5CGryxMDHw749vV+a+Oe7R
mu8munlgfU9edN3g/icnp5hnebkWluCAp4SyA47Fqm13JoRcsos/xE0e4UmcGrUD
sxoK2Ij77MQi3jGolcg7kyLUbcVBlzaGYUoYkF+pt4A7pk7ix5ijrEBgcGBsa7XD
bzVjzELc3lDI3VjXQhZgLal+SmF2f6170+uedZn/S8fp1LxrtdwadySQoJIdEYrn
EAvXs0/4yxf7QIPc4ZQ/8u+b/G1FVZIKbg9etjPAOtjGlte1Qbw=
=CxF2
-----END PGP SIGNATURE-----


Reply to: