-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : augeas Version : 0.10.0-1+deb7u1 CVE ID : CVE-2017-7555 Debian Bug : 872400
Augeas is vulnerable to heap-based buffer overflow due to improper handling of escaped strings. Attacker could send crafted strings that would cause the application using augeas to copy past the end of a buffer, leading to a crash or possible code execution. For Debian 7 "Wheezy", these problems have been fixed in version 0.10.0-1+deb7u1. We recommend that you upgrade your augeas packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEjtbD+LrJ23/BMKhw+COicpiDyXwFAlmhv1MACgkQ+COicpiD yXypxQ/+KYR4QgpBm+OHDXNsKyaDqKFMSSU/AOo/HVESrm+x6CkmZVXnFmGmo3XK +FwNVeYq6KrzREAK5dq3wHoGF0izXDXtqgh7UpLtruUtjPR4+UR8qwP+WX7aIPWo a6aj1yEvTyUegiFYgWD/ihTv15382HirdrqTnDCNyJzfF0T/9pTjwWf3ICh4FPIN W2x5cKvL3U0A9xBKYe0Gc4jDotcnhqpruVg3wEpSMxwF8jhyiAcynzuYyI9HPwxR zC81pxgH/32Dw+2w1+iMP4sm3yVdThqENScecJiSvUFAqaC8ZEgmCP1RbS26lSV4 jb5zhac7xmhSRSgc4vBaxM9j3tVDo+vVin+mkJ87/8/1zTvKKYY6e7jDSpCCAbDj mPD2ZX2hcO+Tvoh2Je12dq9xXVktFs9Y1K+NbatTFoMgKPEGVxIWfkhl9sdUnOAz HvUVRlP/uzM5Anour8JEs+TGL6tHtIvt0xe5K7bKq4V7TEqE8afS3FD0aurzUCkI bQiLaJ8fNY9Y0Hi0WnS3H4hEz6usYzWlT+plVRXpq6x+4pao30Z582kn00jHJMiN wgrc3AFXoNbP8czocrXsNF9j58JY9fYJqIPRFs2Bghgxd36nXQNwKMoORiKOCb/g 3nCEhkWnOSJss/fSJnIz27F5WoYC9N6hIv4AtICsaIkMcT9/C8o= =vDxG -----END PGP SIGNATURE-----
