-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : libextractor Version : 1:1.3-2+deb8u4 CVE ID : CVE-2018-20430 CVE-2018-20431 Debian Bug : 917214 917213
Two security issues were discovered in libextractor, a library for extracting meta data from files of arbitrary type. An out-of-bounds read in common/convert.c and a NULL Pointer Dereference in the OLE2 extractor may lead to a denial-of-service (application crash). For Debian 8 "Jessie", these problems have been fixed in version 1:1.3-2+deb8u4. We recommend that you upgrade your libextractor packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlwhIrxfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7 UeRRyg//YpnxrEYZ4jUQr4ZWRzrfADhuIISAn5MTutUXGHLeYy6akkZ5EHjeDWeC ELVDOWmEU6stBbFF0VZbxo2G9PudKF7CkbLTi6k1L4PYYQGwYiZva6QuXY+1U9+v LxQLuZJQpZE9vzx9dWKOUnkRg3Vcb0ppgHnWeYKq0HBNDdnr76YGHR75GfMDmbDf VwvPmpsXIjNOT9+1CbMYFIp7bNqzytKYNHUnFoIPVrJ7eOAFauHyq3YOWXYDw5TE Nuj3TPHwE+dobhsJZGC2v4gPfLE9cnt8gqv6MiRaATgu3rANMghZY1PmCxEa6gN+ aer+MS+UuyJlUpHV7G0XE4On4DdD3RbZVf2hzUT+yK8jE7lnVbjjLFFIro8W/Vyd C8aFWnwIfyEshi8sONCuUHY+Rfvu7d+EuECTHpnI3KadTKzvJ2kOA91jyC2sea0j UL59VNMl6ZA18+SyOYwLC8v5XkKHHfUOISEQ6twVUaTJvJiCwsmDzGHD2zCSNOif 31c+64BBlVdm4HspWXTnH4DrTlQ2xK4jtlMEarHME7tXR7KA09eW1Cxj7HThN6yz bIjj+OaK/uks9mmJKfxx4FkKU9G3fM2B8jISO6H4htpt37XPwYBmTqAlYS1jGBnn cT/WR6L9LOT1lLd1+xZ2BO7ztJhM4RKxMoaw0RRqYAnHT5bNi2o= =IVD9 -----END PGP SIGNATURE-----
