[SECURITY] [DLA 2438-1] raptor2 security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 2438-1] raptor2 security update
From: "Chris Lamb" <lamby@debian.org>
Date: Sat, 7 Nov 2020 08:00:01 -0500 (EST)
Message-id: <[🔎] 160475389343.1531700.14738702787454187958@tinycat.chris-lamb.co.uk>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2438-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                           Chris Lamb
November 07, 2020                             https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : raptor2
Version        : 2.0.14-1+deb9u1
CVE ID         : CVE-2017-18926
Debian Bug     : #973889

It was discovered that there were two heap overflow vulnerabilities
in raptor2, a set of parsers for RDF files that is used, amongst
others, in LibreOffice.

For Debian 9 "Stretch", this problem has been fixed in version
2.0.14-1+deb9u1.

We recommend that you upgrade your raptor2 packages.

For the detailed security status of raptor2 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/raptor2

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAl+mmeMACgkQHpU+J9Qx
Hli+lQ//WHgjnzZ3/3RMe3JonPJGosdd2atiWKnFrhq90JurUB/qlhEr/YYAYbwX
6BHKSyZZ95uqZRqbzRbmzgxEDhu8C3UuldPbO2q5vkmmCRrEVRUHUtw4HmGWGXOo
LQoJttPlvXN92gvh7hBSg3NFtbmfnlAfEQN9ka2xe5WpTG0v21f5Pa/yk1h+KwGl
2KQNmi/oyUzW8smOP3rQ4esLdrR6dlrzfb2cKAQ85UZLv/OFoAMS/3DDjCGu2WoY
11L+K/scqqtFALl4sG5EFS57a7ExDwa4Y2ZCA7RCol+OYXTQRk34lDrHO7fk6JaY
kGJbPavTti9PIgopx/Se/QXH1suTz0JZYAf0PxfZHVfg1jiut7Qh8/0DSta3BZ6v
y1bHzFNeIPDqmo1wNgWg3imVIvY9uU0VYtU28W/qFkXm607QfAqLcIvh6O7CPL70
V58ycLNqiA+B7ZVxslBNW6HxV3ogRiiD3tsv7iXp7/J0PanZ89PkR4Su8oPa76Ir
lB+4uvfMjHc+8QgoxIkbBErexbiFxp+cQ1pjVnl8ZStGpaQ2okCiP10OE7kCcqBE
vJCkFH0ecteE3OCqAwe+z9OV3SAtPO4sfNO6Zw6CKjPBtGzHncqXn2QyTavNqGbS
q7I+8UMaoWFt+/2feWWiBzp8+wOsATozuGawe4alG79lisFbp9U=
=vkN2
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 2437-1] krb5 security update
Next by Date: [SECURITY] [DLA 2439-1] libexif security update
Previous by thread: [SECURITY] [DLA 2437-1] krb5 security update
Next by thread: [SECURITY] [DLA 2439-1] libexif security update
Index(es):
- Date
- Thread