it-securitynotifies AT lists.piratenpartei.de
Betreff: Sicherheitsankündigungen
Listenarchiv
- From: Salvatore Bonaccorso <carnil AT debian.org>
- To: debian-security-announce AT lists.debian.org
- Subject: [IT-SecNots] [SECURITY] [DSA 3855-1] jbig2dec security update
- Date: Thu, 18 May 2017 19:21:40 +0000
- List-archive: https://lists.debian.org/msgid-search/E1dBQzU-0007iY-8b AT master.debian.org
- List-id: <debian-security-announce.lists.debian.org>
- List-url: <http://lists.debian.org/debian-security-announce/>
- Old-return-path: <carnil AT master.debian.org>
- Priority: urgent
- Resent-date: Thu, 18 May 2017 19:21:58 +0000 (UTC)
- Resent-from: debian-security-announce AT lists.debian.org
- Resent-message-id: <ul7zoVsCY0F.A.fPF.VRfHZB@bendel>
- Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-3855-1 security AT debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
May 18, 2017 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : jbig2dec
CVE ID : CVE-2017-7885 CVE-2017-7975 CVE-2017-7976
Debian Bug : 860460 860787 860788
Multiple security issues have been found in the JBIG2 decoder library,
which may lead to denial of service, disclosure of sensitive information
from process memory or the execution of arbitrary code if a malformed
image file (usually embedded in a PDF document) is opened.
For the stable distribution (jessie), these problems have been fixed in
version 0.13-4~deb8u2.
For the unstable distribution (sid), these problems have been fixed in
version 0.13-4.1.
We recommend that you upgrade your jbig2dec packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlkd8/1fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0Q6mA//QKmVvHleTPsAd8J4/RZN3FceRddsYgahBCjoA/sAc6T0led6C3T9xwrY
3R6tNEXh+1alqrYkPFRtnQsmu515UcxNYTed8zRtQXDpUqgqayvrQMlJRlS3VOGH
9xIM46rhirJnV7C96rk3pG2rGAxN7Uo8Z9+dH6PehFezF/GWt3EqHv2xcfU5Czwn
pPsSIndjOO+aBPiZql6iS4C7eEbs9lKSdRJ1YTbkyxF/TftjxByQ17HNsQR9PUWG
BtnJpbUpeFwAUr9XkV1w+jKtpbSbDETwC7m//+mxeRf8eUQh3BpnwXGjn+UmSH4B
0TlFBI4Tbh/+wGEjLJvs6b6BqBZ25q5InUFLXzQtN8/OYPHM+1QIPlJNRl8Ce7QD
J1FUhiCoWmwQDL2VBGkGPHcu0Yp+sqoLEgzeBSHRIgqiQklHrluhoUqtIMeeONQU
CF7Ox/XuvWW6qDWnfagD9J+TJoGmHummVKRZVcVaZQk2wO3zyj/ShhzbNr9BNLNf
yI1ZP2IIu4lvH6bjKIGvpbuLBv61vF12WToePlk3yQrxKK10Ibpwj43fitr23PnX
EAFKBPU3y8fPdqmEBzXKL6pK/E5Bb0mVnJ2RZZlOHLkI2evs2h+Co5R37INUSxsN
nWiHHAPSm53yCjbp9HxwdO6WiBrbWUhpmcyhv/+ayFtGn9Yvc5E=
=FSsa
-----END PGP SIGNATURE-----
- [IT-SecNots] [SECURITY] [DSA 3855-1] jbig2dec security update, Salvatore Bonaccorso, 18.05.2017
Archiv bereitgestellt durch MHonArc 2.6.19.