-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : libraw Version : 0.9.1-1+deb6u1 CVE ID : CVE-2015-3885 Debian Bug : 786788
CVE-2015-3885: Integer overflow in the ljpeg_start function in dcraw 7.00 and earlier allows remote attackers to cause a denial of service (crash) via a crafted image, which triggers a buffer overflow, related to the len variable. We recommend that you upgrade your libraw packages. - -- Matteo F. Vescovi || Debian Developer GnuPG KeyID: 4096R/0x8062398983B2CF7A -----BEGIN PGP SIGNATURE----- Comment: Debian powered! iQJ8BAEBCgBmBQJVeCkbXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRGM0REMDlGOERBODdEMURGNTA0NkM5OUIw NjEyRjQ5NDRFQ0RDRDVBAAoJEAYS9JROzc1aUEAP/REiK4pGmbCKbx5EEiwnw6O2 0fWPRvxQNKfLonJ+iRFnFB32YRkoF2JKY/yY9FvnEDVnIC5EEIw8oYQFBvg0P73a T064WddqxXcb+qzT7Rf/rTgAs7nq6nlKau+84tv/xjvA+nb9vL9EsfNgkYWc1CCh nZLif+yQwZXqOI/85/7NNO7Ygx9IXNVu1LcFS8o+/6LP3NzyJuoTlGm58F284y5K ZImsSlQEqH/aOuUuWR44ZfA9v7jcLr4//p0zS+6yGjwLEsm0dEaGBmioWSfnxUda SCOlCkwJ6i7bD8CrnQ5zIkS2ygtne9vDoG2vNk79Pqd8XLocQHzWksc9ZNkuxpBT N+/wykHzwXq7YNhaFLa+p3DO/qyuAxi1vpnbFo+CkjH5YYx+KjpMFcOmuOWetjLx SP4iyKW/ANt5bEm8POCBDM+eJSiXA3yGAo/nrDqgJ9iv98+wKDAupVauCJgolJIG AcxD2JSD35rRKNc/elqLXPDhNYS2lMhvTN+Nbkue5klYBQZ84x4jcWKBW/GpKkXy +NpT5jixskTvurEBsSmsLiBoi22pyGWq+AvOutjWVS7BIo8nk3/p1RSpuAYeuncN w6LxPT6cwR6TE4rVv8R//q3NovocFbGa3cu9RtkmXvdaI96nugxTh0f90lGmYI7q p3en5PVdgciQVwev39Zt =hpAm -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: https://lists.debian.org/20150610121003.GA6156@localhost
