it-securitynotifies AT lists.piratenpartei.de
Betreff: Sicherheitsankündigungen
Listenarchiv
- From: Salvatore Bonaccorso <carnil AT debian.org>
- To: debian-security-announce AT lists.debian.org
- Subject: [IT-SecNots] [SECURITY] [DSA 5915-1] vips security update
- Date: Sat, 03 May 2025 05:35:10 +0000
- Authentication-results: lists.piratenpartei.de; dkim=none; dmarc=none; spf=none (lists.piratenpartei.de: domain of "bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org" has no SPF policy when checking 82.195.75.100) smtp.mailfrom="bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org"
- List-archive: https://lists.debian.org/msgid-search/E1uB5Wo-006LU7-MB AT seger.debian.org
- List-id: <debian-security-announce.lists.debian.org>
- List-url: <http://lists.debian.org/debian-security-announce/>
- Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Date:Message-Id:Subject:To:From:Reply-To:Cc:MIME-Version: Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=JdAYouQAj970xhm3O5yXEeNJnoFZM6uITx9ABn+u6b8=; b=mC nJC4C+WtEg564Za1baxuxXjLWhQYX6WPezPB7INRppMEGwEt9Qb3A69/unovEMnkoDSggs9vId4SY IvJ/NBStNxJkkZC8B8vOdzO4C89ROL7Uf9Cuv0GsIlQbLEF/DJTwHGggvp2tOWTbGZEHMVwwmIbH/ 7EnzlNOPnz8dsqEEvOjxQ50EtHVrlutvFHd06Nq/hEKaxvnoOCl1QnfvYKYdi5hxtpdDxA5MG+2Yn Z4vbOfhTAxJxtRaANZEgqNcSMo9rbU7s90/UU6Ki1VTtlL2DyyBt48e9eDz1Px6yppMOudpqU4CQD Tt+122LV1qpAukxb2Mlbi0zkEGIGkV2A==;
- Old-return-path: <carnil AT seger.debian.org>
- Priority: urgent
- Resent-date: Sat, 3 May 2025 05:35:38 +0000 (UTC)
- Resent-from: debian-security-announce AT lists.debian.org
- Resent-message-id: <q4VQzLYAu8I.A.aML.qsaFoB@bendel>
- Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-5915-1 security AT debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
May 03, 2025 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : vips
CVE ID : CVE-2025-29769
A heap-based buffer overflow vulnerability was discovered in vips, an
fast image processing library designed with efficiency in mind, which
may result in denial of service (application crash) if a specially
crafted TIFF image file is processed.
For the stable distribution (bookworm), this problem has been fixed in
version 8.14.1-3+deb12u2.
We recommend that you upgrade your vips packages.
For the detailed security status of vips please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/vips
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmgVquVfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0RVTw//WG9GuyGDgmPI1TK0fL5GZR4r/rdKjGOcTcD1rc0hVkc5Aq8r8z5HUEC4
abiQwmUafP4o6gxKZKLIx0RhyweELUb/lvul0E8kZYhBH/teCWzabcCPHpXJauU5
Zuq/zYpuN9pS67nNx4yGqc2gW4r+1p7DS6d+qY2qCfrwxrw1M3OnpGYeNTJ46N7O
c6XZ1FX72qXlqwp6GTKQKuRCHfuRVTqKs/nyS4/f+KcJeQkwhLqhLW5KOZ025AUV
rwbunBxdabV9AMxNaCPGiRWCwQx1cFaJd/7xpi84NEMVDS1xjkcTk0MznfqcBcTC
P0vfUWMC1lN4gC5UiXbywYC18E3nGKaGYfUX6uAPV9KhqSJFKMPoFmFjkOEY1ITU
wbuRSVIcuWYHmkYd7GC3TSbP08vyTQZ0TTVzEU860Y8/6l0ZG+B+w66EDjU4ye0V
ToDIpnrvUbT2QfhPnuSHqDzNkOSZm9wTjQ9DqkoR4asNprEpd+ZO1jBGWUj4hyEc
+Zm/iQxl8NHSNxunPhan+NpyTBqFYC84nyNKJAgGp+vYVSxQhoZHymFnY22GsyKk
+SOpKJzvjZKwQG07Q70caHwIcJcWpv8FBHyT8iurI2uPwxa2W/zxcvhOxIkC92wl
qsO5IR/L5TQeSvj4jWA6vtFw2P+5g93tZkNZ8ja/4ZvjwxDlqNY=
=Rtes
-----END PGP SIGNATURE-----
- [IT-SecNots] [SECURITY] [DSA 5915-1] vips security update, Salvatore Bonaccorso, 03.05.2025
Archiv bereitgestellt durch MHonArc 2.6.19+.