-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Package : partclone Version : 0.2.48-1+deb7u1 CVE ID : CVE-2017-6596 Debian Bug : 857966
It was discovered that partclone, an utility to backup partitions, was prone to a heap-based buffer overflow vulnerability due to insufficient validation of the partclone image header. This could allow remote attackers to cause a 'Denial of Service attack' in the context of the user running the affected application via a crafted partition image. For Debian 7 "Wheezy", these problems have been fixed in version 0.2.48-1+deb7u1. We recommend that you upgrade your partclone packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEErLe2fxl/mzIVM0McrJCsPsUkBl4FAlkDomgACgkQrJCsPsUk Bl6rZw//TBYpdeDMtNm7ezx7fWX5XylXVkcfG9KidSq4T3PI0HElgI3Y5xkyHl4+ DaWqXapexZ7csRABwSlm8jkpg6RhdY4LmVSnwpzNftiN90p+Ix8RfJOW3Kv0VjE7 XzrBFEnGllc088jK4kW8CQ62L6dbri6xJaR/8xz7nMPO8IN9nqV0ok4q2sBE7+1u WTufk+qYAVgePGW+qzfPZQK8TaBfLZ8hQ2JuGhqD1K71P/dGqm4Zf3LieWWhaHpH ZkkFZr47lrV/NNb9Karll1XnwMH0MRAT+tFPdaeVIIWq3I2W+iEy7i/888IVGXVJ bZxppDtyzlrshs2/bIVpLcYEATWRR78GznFPfVmQ4aFONyO0F4PPiwQaiTKZEmvJ 1BMpccj/JaAhAGxFmlq+eXXfLRxHAnX7MCqAFnoEmHZi9aBY0p+46Qc5wfoETFjg HnEVDeni8GrVgXEgof640MEiiBVxwKhz36IVGqr3bHvSvZh2PAt2wwUgBezEq//U rHAxlP0hCfsto101FGPvsGEeuCC0rm2sN6FEqOZmk0DgDaqHZY/fjpKSSEgathgH kvfq0ta2ZvZ5gFJYkecunIqtfvPrYkrV1kdoLlPVsgyuNel+TGHVgdNUWslgYFdl YJg5e2yc7tLBnC4j5kzlOql0SG3naNanc88XF2Hf0nFeEcsMUSs= =nJyA -----END PGP SIGNATURE-----
