it-securitynotifies AT lists.piratenpartei.de
Betreff: Sicherheitsankündigungen
Listenarchiv
- From: Salvatore Bonaccorso <carnil AT debian.org>
- To: debian-security-announce AT lists.debian.org
- Subject: [IT-SecNots] [SECURITY] [DSA 3208-2] freexl regression update
- Date: Sat, 14 Nov 2015 14:40:56 +0000
- List-archive: <https://service.piratenpartei.de/pipermail/it-securitynotifies>
- List-id: Sicherheitsankündigungen <it-securitynotifies.lists.piratenpartei.de>
- List-url: <http://lists.debian.org/debian-security-announce/>
- Old-return-path: <carnil AT master.debian.org>
- Priority: urgent
- Resent-date: Sat, 14 Nov 2015 14:41:14 +0000 (UTC)
- Resent-from: debian-security-announce AT lists.debian.org
- Resent-message-id: <4nw_Je0FGWC.A.g2B.Kg0RWB@bendel>
- Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-3208-2 security AT debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
November 14, 2015 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : freexl
The update for freexl issued as DSA-3208-1 introduced a regression when
handling certain Microsoft Excel spreadsheets files. Updated packages
are now available to address this regression. For reference the original
advisory text follows.
Jodie Cunningham discovered multiple vulnerabilities in freexl, a
library to read Microsoft Excel spreadsheets, which might result in
denial of service or the execution of arbitrary code if a malformed
Excel file is opened.
For the oldstable distribution (wheezy), this problem has been fixed
in version 1.0.0b-1+deb7u3.
For the stable distribution (jessie), this problem has been fixed in
version 1.0.0g-1+deb8u3.
We recommend that you upgrade your freexl packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJWR0exAAoJEAVMuPMTQ89E3OMP/3t0dIqxOodj8kL/WrMFbRBz
bIAPBU50Jbv3SpgZNa3CkT4gjvWgEA79RsF0obepqYf/5h05FC8Kpvic7hUYsVj3
4FYk1KNCvYP67+UIpu5pe0hV2w9OGMJmVZWI4qUVjxIHenhHbv4WAEoa2vGk7wlk
QQAQfmRepiy6i6pEZX7VGbsQsLkBKzWQl8T7NJrxbrT35fM2hmQin93gJzLMGWFQ
YyLzvtPxs4FBkKbGTESSbtLkhtHq2Tnax+GqZsPkT2NVtOm8qXEqaw+Tnx/Hopjp
eVqB0uvdkFFSZx8wFlqUCVFHLun/03KRKz3foGDCB1eAL4jODfFZV37vaJ182Exp
EqJuDdYoUyGWM2ikr8cEP4+OsHEXeDeUiZPkU9Hr+1FSF2AUHWvIqB+RqNTJZF+E
5aGBO/HJBFxf4Z1fZVmTqpgdjl1Wqi77pPmqfvNA27YpBGjVCzqtfEB6c8HHdRDS
viIEmE//E2pquOyrqU3noFBTcAlddvreKjkWo3y+DOHGSS7JLL8FUVM9amnPOmpn
vbID6vVKJvTk8NyeZoHsGxRh3GgVHauI+9wV7yUSWItxQM2Jubd1eYKfgmqi0u9i
a4L+ADDaQW4Gvd9NqLZ/si5YOvEEysQjqXdHpIE58wxivU9x/XJ6Zu/OraCKGf1a
DXiRuF3RQlIV6agMYiuQ
=RGyz
-----END PGP SIGNATURE-----
- [IT-SecNots] [SECURITY] [DSA 3208-2] freexl regression update, Salvatore Bonaccorso, 14.11.2015
Archiv bereitgestellt durch MHonArc 2.6.19.