Debian Security Advisory

DLA-3129-1 gdal -- LTS security update

Date Reported:
01 Oct 2022
Affected Packages:
gdal
Vulnerable:
Yes
Security database references:
In Mitre's CVE dictionary: CVE-2019-17545, CVE-2021-45943.
More information:

Two issues were found in GDAL, a geospatial library, that could lead to denial of service via application crash or possibly the execution of arbitrary code if maliciously crafted data was parsed.

For Debian 10 buster, these problems have been fixed in version 2.4.0+dfsg-1+deb10u1.

We recommend that you upgrade your gdal packages.

For the detailed security status of gdal please refer to its security tracker page at: https://security-tracker.debian.org/tracker/gdal

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS