-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Package : r-base Version : 2.15.1-4+deb7u1 CVE ID : CVE-2016-8714 Debian Bug : #857466
An exploitable buffer overflow vulnerability exists in the LoadEncoding functionality of the R programming language. A specially crafted R script can cause a buffer overflow resulting in a memory corruption. An attacker can send a malicious R script to trigger this vulnerability. For Debian 7 "Wheezy", this problem has been fixed in version 2.15.1-4+deb7u1. We recommend that you upgrade your r-base packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS - -- -------------- Ola Lundqvist -------------------- / [email protected] GPG fingerprint \ | [email protected] 22F2 32C6 B1E0 F4BF 2B26 | | http://inguza.com/ 0A6A 5E90 DCFA 9426 876F / ------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCAAGBQJYzFqcAAoJEF6Q3PqUJodv9IYP/1k/eC3ZjiqpCxKXeszs6pkn CEiQK+tbSV4iSHE+5FwyU+wQWdh9ZOVkJ+SsH4QI9sYqbAtuY0FhGWst/rE5FH0o lU8vylKKGCwWR28Pyop+v1LlnHhTrEpdeCLaUOfR+MsnI1gzjhYIOdGZvd7PD/eX V+iPHd/un+IJW3hIizEV/+WaNNrleDE/fDf8bmrZF/CVZ5ov90nHmmaCImlK7K7C FxyV7p0AicMgwBnoRq4j6U30RcXoQRIy60HlNxyaqGfyg+lUAPusqYwiGB9a2LhG y8voDxaa5fH4V/1+X4zezYgkgTv1VKU4/Cnr8whKCelbQmbVeJHPdVgUwtQHRyoK 4D0dc1aFvlH9nx2dHTVHEZ6oKNa7h1bT9qTjbhc/GFzWBccf1kjgpwHol1aGpaBL odbfHMvSrV/B7W6fK3PT/7g3y8lvX7HkSW2weQXZCpIXmgVnpAL/wy1MZUrvv/Wt BfMnSpWGGLxOfrINJuc7paXP1fwpNAhwvHyxjgnJ660wQVxB0M8QEKyILjhWdCU8 kTZhnoaiJwJLsuOPE55tDHbnd6H2c1Cgi5M5LYiKQEynklJSZ1fRdy8pKch9yDmG a3DIi6kN3fmFyM2jQ+HVnjHHxovwzTJiU0scM/L/+zbzFnROmHtHX53lnLCgzenG 5Y3JX8kdzu19zAfYcQ6x =9VJG -----END PGP SIGNATURE-----
