-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : optipng Version : 0.6.4-1+deb7u3 CVE ID : CVE-2017-1000229 Debian Bug : 882032
An integer overflow vulnerability was found in optipng, an advanced PNG optimizer that also recognizes other external file formats. This may lead to arbitrary code execution when a maliciously crafted TIFF file is processed. For Debian 7 "Wheezy", these problems have been fixed in version 0.6.4-1+deb7u3. We recommend that you upgrade your optipng packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAloUjApfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7 UeSEDw/+JuEMuzLEFnmRKpQUPBqpN+nwQ7SpPILNjVw6E5+KWzo5bI5iQ5v8/oCz I11uj3Fsmv5ftpQRKBK2ElpR+4EX9s9Hmgyx0rrUMy7XkvGZkxxEdXmqlsFYs/0W YgOlZqzCoVIdikB/eyKruhESndoPz6a2gAsl8ZgUYmeWO0qACqR/qzD1n7BqfVtn UpGbsKKunsUDwxA1NPibCdCHd3EErRA6nN3ofDF7Vooh7WIPOAgUW6FcSczz5qdp gpb1HCuJJXvBLHEMwoNYxVBGBs7wZ2czbwJaqpyEurkrQLJNA2722k2Wy5t5/lOg mK3qHIKOGjCcMpytVqv5+HXkSxdicLST2HUmw2XoMCnAl8g+MJAMTMRzgj29mVXi Wyi5I+HOn+l5Xr7W7AvhaY1HTCI+FYMqbMLRYVlMfOgtXPz7VYMcClZY5FvqF5gD miYeW4g2yUSYGW+BzD9LKwf1zqjbu8sKbskIbEatgQuxau8k0sOKqZvdmLkJQbnj 3v7/pVpAFP7q8KtOFwrQ9BUibzw82gbnvdJ/jLa9qSiO71Qjp4XFMmNq5cZXBP8v fye82CXyC22yx/VnhA5SDiwL8qiy9pdNLfze1WlVf/KMH+RdQxpxHhmO4Wmbpzew VxEhUPIO+V9pmR7Whqi/1TxSFe3NzQFnqFI4bUQbUV5zVuaa1i0= =AOHH -----END PGP SIGNATURE-----
