it-securitynotifies AT lists.piratenpartei.de
Betreff: Sicherheitsankündigungen
Listenarchiv
- From: Salvatore Bonaccorso <carnil AT debian.org>
- To: debian-security-announce AT lists.debian.org
- Subject: [IT-SecNots] [SECURITY] [DSA 5412-1] libraw security update
- Date: Sat, 27 May 2023 19:44:25 +0000
- Authentication-results: mail.piratenpartei.de; dkim=none; spf=none (mail.piratenpartei.de: domain of "bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org" has no SPF policy when checking 82.195.75.100) smtp.mailfrom="bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org"; dmarc=none
- List-archive: https://lists.debian.org/msgid-search/E1q2zpx-009SY4-P9 AT seger.debian.org
- List-id: <debian-security-announce.lists.debian.org>
- List-url: <http://lists.debian.org/debian-security-announce/>
- Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Date:Message-Id:Subject:To:From:Reply-To:Cc:MIME-Version: Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=oK2u/lr/Mf69sK2NCJz5g5juifVVd7XgHqqMR0Jnk2k=; b=mB 0anVWXjqNM2njG4D12igAvgwHzYbAvJX0OFvqwdOoRBEUxwqAg19c8ZpsvGR7wrM+uf0MZnNQ4lO4 tfYeQn52uurkqRo422rrBwPMZCaWid881AMjzyAu3VEbct5mbsdIFCTpdiUvXsr+Wkq3Q5m2Fr28b V/wDBML7/ISTQr9CpIeOzGGNFdv1fwJx5zGslFBM9tOoE/yT0ujTGWXuswH0luTV3l8m7CVQt9sjK 6l6/3SDa1OfNY+8OBlktQEgd0ZobeOIsAstAyCOb2cV90PH/JfP2L0nbbPUX6y6CYQHDdPo6mcVMr k9PE0dt1FX9Mt2Jgiq0l4wWoxkTUtvEA==;
- Old-return-path: <carnil AT seger.debian.org>
- Priority: urgent
- Resent-date: Sat, 27 May 2023 19:44:50 +0000 (UTC)
- Resent-from: debian-security-announce AT lists.debian.org
- Resent-message-id: <hbwUi0sNFVK.A.oVH.y2lckB@bendel>
- Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-5412-1 security AT debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
May 27, 2023 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : libraw
CVE ID : CVE-2021-32142 CVE-2023-1729
Debian Bug : 1031790 1036281
Several vulnerabilities were discovered in libraw, a library for reading
RAW files obtained from digital photo cameras, which may result in
denial of service or the execution of arbitrary code if specially
crafted files are processed.
For the stable distribution (bullseye), these problems have been fixed in
version 0.20.2-1+deb11u1.
We recommend that you upgrade your libraw packages.
For the detailed security status of libraw please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/libraw
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmRyXNFfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0S6ehAAlIVUex5cV2eOg9y4Z4MrXPPEl7DPhsEItBnU6tA0PQLxImblhRY2+bru
Fw7S3ovXQxOJQRW3CQ7ykRenfERuZXvENJwbauwD4XFAFPOHcs0lEkdAumQ4pEnx
czetY/GXvXVqZ5L2LD8SDLrPLO37u5JNZGclVHn+2OkzSPm3rMwvXXPy0uik6PG1
dlJBTbAeTm8bCls+TEvcCD3M1EgwqcJ4Cemnd43R4BvLsd8FJWWB41XrbvEtt5s6
44k3eJ19EkjYJ/lfi2Uu2b6m1crdFt1DSFl1UlGaMWL/Jz+R8OzAYenlY7RRXzZO
sMSPlt4B4TUC1AG0WgeZhec4StNDhdQyNZ4ild/2yUqR0cdMLWIHs1Lst+Yr4sKO
4BAe75otA93nV49bicwgA+8Sb4nehLZAIm+dUbc+6SmqwntHsfZpSyWTt4FuAH6d
M8R6hOAXkQ7DI9x9eod1NLH0FXqcl61qAKrfs348Rd4vPZY5TCndxvSJDuyynDFs
9GrYKgN0mN/2ePAgj2Y7CvfUnkoVwK9AeQRETkSLzTwivT+XBc2RUaYRohGARp7D
XnoEhtvLUx1Efr1LKXNizT958kpBPvTp3fVf6iP/fW9VtZudbvQb2wBrF7iDe/r4
PX2OoYXdbm5qiV7wU20M+YQwZqIva95FQkKxdtPfnYzAWpWMa8g=
=Bfzv
-----END PGP SIGNATURE-----
- [IT-SecNots] [SECURITY] [DSA 5412-1] libraw security update, Salvatore Bonaccorso, 27.05.2023
Archiv bereitgestellt durch MHonArc 2.6.24.