-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Package : pngquant Version : 1.0-4.1+deb7u1 CVE ID : CVE-2016-5735 Debian Bug : 863469
It was found that pngquant is susceptible to a buffer overflow write issue triggered by a maliciously crafted png image, which could lead into denial of service or other issues. For Debian 7 "Wheezy", these problems have been fixed in version 1.0-4.1+deb7u1. We recommend that you upgrade your pngquant packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAlkttTYACgkQnUbEiOQ2 gwJeKg/8CgTRzi34xBXiTgArBm0T9rEbhKUBsG1M/uYJWAadvfPtuhaqxi+51SNZ hnluPudE6FXFe79Nsv0VtkvbNW1tNwTZCX8iNHxDzRoAE+5i17wNWdGBElr5aGDv cyRW3FikJ/Y20NnZeZdwZeEm2IVtFGMtFK/ag2o1dfMhw6L3NvHBbjeik1HN4gqL cBRwMku8QajKpbyWsL/FmOyu+mCvqlyE2fidh5Zb+k4SKd9f0B+Mi6EXMWjr7xOd P5TewbIL5TGbW+DhWAI8ZGHw5MyH8Msex/S5zlHJpEFQYTsKo4od97vtZ+gebH68 t0kOpyOUy+rjR+TD3kQCrW+J62io/dz7F/fMrlCeAsmPZjFbtSdnsAMtIYXVBWR8 97DUCsMdMyMjUlRogFBWUwHiX6npjrdiT5S3tz+7OhUh2w6Fr9TDh6lLx/+wFiId eCaLtDFhpfSBUoGMADKs4PvyuDzU+DP3a12UMrU9Sidw4bVNCi2ryXJ1EKCxwgxr Aw92z/jhHM6MbecU94FViVmvv3+BclN2EBDV5DZfqrm6qIOtrYEdm0WuoqGtte1v 7WalcWhRO4PbC/c5MbxBawamlm5WBZ09f388PJo5O8Oz+dGuIUo3ltcSjr++hU8U pI0LaXS1BTBI/DgHvxxEycc1yo6sGdHzDBwyDp6cs+ZNwDLZ4no= =9vh4 -----END PGP SIGNATURE-----
