[SECURITY] [DLA 2656-1] hivex security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 2656-1] hivex security update
From: Utkarsh Gupta <utkarsh@debian.org>
Date: Wed, 12 May 2021 03:47:47 +0530
Message-id: <[🔎] CAPP0f96nh5JzTA=3fpsgY7-LjArt_Yt4V5tRS3VS8VJi_hw6yA@mail.gmail.com>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -----------------------------------------------------------------------
Debian LTS Advisory DLA-2656-1              debian-lts@lists.debian.org
https://www.debian.org/lts/security/                      Utkarsh Gupta
May 12, 2021                                https://wiki.debian.org/LTS
- -----------------------------------------------------------------------

Package        : hivex
Version        : 1.3.13-2+deb9u1
CVE ID         : CVE-2021-3504
Debian Bug     : 988024

Jemery Galindo discovered an out-of-bounds memory access in Hivex,
a library to parse Windows Registry hive files.

For Debian 9 stretch, this problem has been fixed in version
1.3.13-2+deb9u1.

We recommend that you upgrade your hivex packages.

For the detailed security status of hivex please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/hivex

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEbJ0QSEqa5Mw4X3xxgj6WdgbDS5YFAmCbAmEACgkQgj6WdgbD
S5anyw//V9ReOKUknff3s5Gyz80+Yc/gfEoFNt9FwKdRJXvQYSA9YQYBak2HCJXX
gk7AYarO2IAcNxJjBtAUNvMI4CCw6kn0z5QgJcV7RvWvxaOC11t0kGJ2BFoqJ7Eg
3mUpk9SUan4UUWIasNwwQPdlvHNFI5Sv2YkLGCgMEE9AB4TPMWrqWLN5u20MBLHv
TaJ5ntvfK/8nZE2RNRFqgowUjmaQjHYyCkBsRbiz8I9v3sHxE6yz90nbwwNO3RCQ
EXAEST0EO0udvu7kQlPyU25CWxa++K5/bEOaRKBJKyUtd9SXJFUWYmmuL+79C6OH
fTx7dK+dDs3ZhmQfz5ZO5NmYhjfPSMMyZ9pyQNSD0ftZifcgyKEBm984/MgVeNoK
vQLGHgogg5T0rCFn8mMJcl5E+U9a9OXZnBsswdUvGcy75sDzGr5C9CSCWpO7yQpD
9HWzpFTOresxXg739OFM6svd0oHzncJw3rYd2suS46hLalH+UFicJ6Ai2s+OUoo3
3MvOzoDPCdXDgVZibi0QxG1LZsS7m+LpXCT5RoYeMsJiu1PIBxtRRn9epWdUciA8
Lr7YkYikh6kuYzC75e5SzrxER7TVmuMdBDWMF5ILdF/nh5i4Sh5zlbPqKSdogE9J
RyooFxOWKz0QKIXa0WPIxYpq8K9e1p/G4gYStR6NrlA5z0Cd0cs=
=1XxD
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 2655-1] rails security update
Next by Date: [SECURITY] [DLA 2657-1] lz4 security update
Previous by thread: [SECURITY] [DLA 2655-1] rails security update
Next by thread: [SECURITY] [DLA 2657-1] lz4 security update
Index(es):
- Date
- Thread