it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 5300-1] pngcheck security update

From: Moritz Muehlenhoff <jmm AT debian.org>
To: debian-security-announce AT lists.debian.org
Subject: [IT-SecNots] [SECURITY] [DSA 5300-1] pngcheck security update
Date: Mon, 12 Dec 2022 21:54:40 +0000
Authentication-results: mail.piratenpartei.de; dkim=none; dmarc=none; spf=none (mail.piratenpartei.de: domain of "bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org" has no SPF policy when checking 2001:41b8:202:deb:216:36ff:fe40:4002) smtp.mailfrom="bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org"
List-archive: https://lists.debian.org/msgid-search/Y5ejINngtQ3KpAG3 AT seger.debian.org
List-id: <debian-security-announce.lists.debian.org>
List-url: <http://lists.debian.org/debian-security-announce/>
Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Content-Type:MIME-Version:Message-ID:Subject:To:From:Date :Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=Gd/NGVE3FQokLSL9Vgw6do54y0C8e62ObDn9326NZuY=; b=eC yPBYKXVT55rnpmGxlpC649+SfB9+2geNCrISQ8Aw9R4Hn/vJ9jrAwtbnojIOxQjt31bJVtHwhj9nx Znzgwe/n/uNEYooqsiJ1zyICsmoD4cW8ks0Ars9OobpxN1LmwRZ6ZyRfW6l/aRACgin76n2UK6vx4 hRhlYCsasXsGB5K0rp8xCEuGLat/qTmkhLXmNkvOJd1oA8kgoJYIBjcDA9TmJbt+PQ+SIE1zbYo3R Ppi44zkiqyLxQHwiQVxsmAD0GBTTwlfMXUraPU6c5mNDyiglfr2uxqzK1NvcmWfQRj4W5Lay5Bj/5 95svBDRkOlPw5Aq1wfTiV4VP7S9XIvPw==;
Old-return-path: <jmm AT seger.debian.org>
Priority: urgent
Resent-date: Mon, 12 Dec 2022 21:55:03 +0000 (UTC)
Resent-from: debian-security-announce AT lists.debian.org
Resent-message-id: <lCwFBsO_b1B.A.EUE.3M6ljB@bendel>
Resent-sender: debian-security-announce-request AT lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5300-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
December 12, 2022 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : pngcheck
CVE ID : CVE-2020-35511

Multiple security issues were discovered in pngcheck, a tool to verify
the integrity of PNG, JNG and MNG files, which could potentially result
in the execution of arbitrary code.

For the stable distribution (bullseye), this problem has been fixed in
version 3.0.3-1~deb11u1.

We recommend that you upgrade your pngcheck packages.

For the detailed security status of pngcheck please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/pngcheck

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmOXol0ACgkQEMKTtsN8
TjaLrA//UKv7QUjBuJzwxy0kVrxAvH+xDT4N61NBlVDAerMncxxjb3BBWDYWEzHL
J/Utw3XYQYQjnffXPRJiCruH8bFdDmD18vqMCoUGDo6CTFT/pyQqFxncZu13IQvV
1LjgnVraaJa/TQ1BrH8+p8O8X+jqC0f9CThV20qatvxXbgmQkevXHIJTwEw3wxXU
aW9Mn3zInZBmkqQKsRaTnd+ydOdwD6MUDVPj/3FuSTLiOv7kV3cyzBB3lZV/7Nox
Lw9KBoTHttc4rPd/u6XYdG5Xc+VOGnYhqLyF8cxQbzi1/HaTZn/ItuGmCrHe6eFm
5VgMI0RutukvFSWuMPIf1MKgvBco3UppSCKUOpJvBNWOmt8uV4eRJgQvx399FyWk
wpocub1cUSaLdigcd8oTDj6xqi8TpCOXW6fQiVu7pIxeQEcJWHAiiL/T82kbUBJ3
zXOMWMsOwYjdxujC095480gjENVqVoAq41cN0J/xroBXFVAxVZXLxaGrrRjAzdLh
c2AHWhFXWESCzBFHV2OM5gxtQUpYLPdICYvNTRXxNXhT3VZOZBTJy0cYQrtAwRQy
E//3agQDzRVpJxte6BbLxOl92C+WZicpbiUyzv3a96QM12R3RQy2A6WiXeQ4L6xH
TnvIe7RN2cS9Gl/z0NnY6d9yz3Ay6kAB7o62e3GqDNchtXp0Ers=
=ppOy
-----END PGP SIGNATURE-----

[IT-SecNots] [SECURITY] [DSA 5300-1] pngcheck security update, Moritz Muehlenhoff, 12.12.2022

Archiv bereitgestellt durch MHonArc 2.6.24.