-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : libxrender Version : 1:0.9.7-1+deb7u3 CVE ID : CVE-2016-7949 CVE-2016-7950 Debian Bug : 840443
Tobias Stoeckmann from the OpenBSD project has discovered a number of issues in the way various X client libraries handle the responses they receive from servers. Insufficient validation of data from the X server could cause out of boundary memory writes in the libXrender library potentially allowing the user to escalate their privileges. For Debian 7 "Wheezy", these problems have been fixed in version 1:0.9.7-1+deb7u3. We recommend that you upgrade your libxrender packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQJ8BAEBCgBmBQJYBjO3XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRBQ0YzRDA4OEVGMzJFREVGNkExQTgzNUZE OUFEMTRCOTUxM0I1MUU0AAoJENmtFLlRO1Hk3zMP/1F268UQCAQfAb+YkwDKjKA4 2fLthgqK+4Fgh+I+PENwMImqarsP4TDQcH71ZNlhG9sdCg6hM47V3tNlbMTxx7E0 /Gj5NNkQGCKudOwW+zaZMm9hFrIuJziQEANHSz6J0BbZCFyy1kdCbPmBLvKvhiZ7 IF62BwDEvJy6Me3pRsuLEwo5yOC7f2WFAVIyWnaWUV9jOtQ2RtOcO044xVWDA2Nj pSpkhlHP152ljIR4undPyEb9vStBVDE71lXR155N3XzWnZ63XU1p4UvgU++LkoVo R1zRE6mLntP4/5zHDMwH/iKPMrTbBGn0SO3T01iTD01LOt0ic2Ay714XFSdq6mBM xK6EtSOQrv35xJ+a0kJwAVnb68gBSCgrhVPgiE2oCeWawZRWBSzCIm/cH0a8Zxuh wfWqehM0nokQEa4QNnwjCJudXvm7EdMWjeYOSby7o65fC0AHF/oMHQVsmg0BqIno ztYK1tE1nzes/7jBgzgNpESBLB9MhlrT1rbrF8LJShQk8PaWPGb75Ys3eFRBhTxJ Vh+u+7uOVEli8RsdvLSnC1fc4QAemAwOl04bZTg0D1dghsYQ2QACst7w6N9YNCEA E1OyA/6By9nklTolHN5JAo4SWyWskILM8gD4YfS68Pw6CsL2tFnR7bMHDww2SKB2 UpJh7VLQNIW4iVOmpq1Q =YwXc -----END PGP SIGNATURE-----