Mehrere Probleme in audiofile
ID: | DSA-3814-1 |
Distribution: | Debian |
Plattformen: | Debian sid, Debian jessie |
Datum: | Mi, 22. März 2017, 22:19 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6832
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6835 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6829 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6830 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6836 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6827 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6839 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6837 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6831 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6828 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6833 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6834 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6838 |
Applikationen: | Audio File Library |
Originalnachricht |
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3814-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso March 22, 2017 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : audiofile CVE ID : CVE-2017-6827 CVE-2017-6828 CVE-2017-6829 CVE-2017-6830 CVE-2017-6831 CVE-2017-6832 CVE-2017-6833 CVE-2017-6834 CVE-2017-6835 CVE-2017-6836 CVE-2017-6837 CVE-2017-6838 CVE-2017-6839 Debian Bug : 857651 Several vulnerabilities have been discovered in the audiofile library, which may result in denial of service or the execution of arbitrary code if a malformed audio file is processed. For the stable distribution (jessie), these problems have been fixed in version 0.3.6-2+deb8u2. For the upcoming stable distribution (stretch), these problems have been fixed in version 0.3.6-4. For the unstable distribution (sid), these problems have been fixed in version 0.3.6-4. We recommend that you upgrade your audiofile packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAljS2rlfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0QNRQ//WI/HPxpSfykzFUN/n54Ujkm7fDV5gVfaFznwU/ovfDgT6VDJpEwH22aT fEvC6fRsHycgZtS7moIOwujCYQqDGwnFAApERo0Ack71/0AJ3JetKFQqaqu8wyAM eqG3UHAqiLndVhm8fgWdc7/Rm2wRNldTrBhahSOVQxiOSJhLuCPH3pcHNq1Ooe1h 9NDZz1PaMm1zafKYQq5fdjX3wIrHs1ZMZheW8+q10h9m+HMIRm7jNmxIibYhAjj2 yhZrgcW/+YDo0Rhxv60qhgVOm32CWr5EX9FGJmk7i3is6hGYXbkMosQrjOtHk8Hz 6B13JWrRGIl0ZmfULG6XhakZSmQVe3REBl9ch9SDg/iugCiykKVvta9w7wDiXSr5 gOqExFEtXo0jnRHvrETzP3My5T9364dkhb9IAClmvMII/tVJPz21zqw0Pd7PCkBo Eaf+wLgH8vw4VqE6Ia0J5mDMki8xCAbYtPbmGI4JH52EOuDdDqMhk06Z/oN1xUgk i/RtwqGRJ+WGpvkmzJNibbwkl92e79fG48FCwHp3nC3rb7nF5K9uFAlJp2kmyxZU p915e8spV5tiWUeOltCGkbtFFU+UVLP6sbksXeAQosAjYuTkSCyLbjXts8kSjdRJ qC58floCcxsdwsmZN0QMuQozN3CHoW0HND53cDAkBXPyhyUI7+8= =nfl9 -----END PGP SIGNATURE----- |