drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Zwei Probleme in LibRaw
Name: |
Zwei Probleme in LibRaw |
|
ID: |
DSA-3950-1 |
|
Distribution: |
Debian |
|
Plattformen: |
Debian jessie, Debian stretch |
|
Datum: |
Di, 22. August 2017, 06:20 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6887
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6886 |
|
Applikationen: |
LibRaw |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
- ------------------------------------------------------------------------- Debian Security Advisory DSA-3950-1 security@debian.org https://www.debian.org/security/ Luciano Bello August 21, 2017 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : libraw CVE ID : CVE-2017-6886 CVE-2017-6887 Debian Bug : 864183
Hossein Lotfi and Jakub Jirasek from Secunia Research have discovered multiple vulnerabilities in LibRaw, a library for reading RAW images. An attacker could cause a memory corruption leading to a DoS (Denial of Service) with craft KDC or TIFF file.
For the oldstable distribution (jessie), these problems have been fixed in version 0.16.0-9+deb8u3.
For the stable distribution (stretch), these problems have been fixed in version 0.17.2-6+deb9u1.
We recommend that you upgrade your libraw packages.
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEayzFlnvRveqeWJspbsLe9o/+N3QFAlmbZIoACgkQbsLe9o/+ N3QjYRAArtj2jyK39+qYwrUiRIb1eFZJ9ktBaY9kajnGIH+JnEbzna8YeNHvXxoF FQk6q91iAVG+KANxaYYp1R1r2t56a6gK5b6kb3kgkmSH2DifbRThlhI/XnAngI20 KqPmOscW9Y5v/RQs5N7+d11CiMp99aI8yY043rXxNywAcXgs0rcuefxjqo1Al04s nN6hg1Btibz0oWFBVkUC91tJ7nUSN/EvSqdV5WlkuilN2nJqCART1bmj8ixZMcpw AntyWGW+eiJt7FuJw2APXlQCBMaprQJsVbs2xel+EVK1LwVDOgs+wbon4GUWkiPm MIxBenPPPfC3YoELK2DlcQQEkVhPeZDqK+ZqxWOzpYkjWMhlR/OFWz/gc0sDloCQ OTkLHmgNeQen067qnfbt08s0zBwsr1UoujoNldnrPyqqEbHuqHiWlg3NiZjmUQOn Ymfwe7BSq/9Bb0KpkdHbykziFhV7TIoCLS8fNniCZ/Wv7DQ7Us1Mb0SxZGd9b8HG KUFW6KKQ+LY2QfwgaCv2Ds2JaPR9LJ6+kCS0arIgeWve1ZHZq2Q5sxN4vbehIS9+ EP7SwFAwU8F/PFO+DvlF1FvBRhhAQznL0xan9Rzd5LEjNu+A3Rpe9YE+CuCqY3zE i1Kcsh/V7oRoG7Ht680JsCYnqEGBc5GdVYEJ24223tJQMIxM/Aw= =RMQr -----END PGP SIGNATURE-----
|
|
|
|