-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : vcftools Version : 0.1.12+dfsg-1+deb8u1 CVE ID : CVE-2018-11099 CVE-2018-11129 CVE-2018-11130
Webin security lab - dbapp security Ltd found three issues in vcftools, a collection of tools to work with VCF files. Different functions in header.cpp are vulnerable to denial of services due to use-after-free issues or information disclosure due to heap-based buffer over-read.
For Debian 8 "Jessie", these problems have been fixed in version 0.1.12+dfsg-1+deb8u1. We recommend that you upgrade your vcftools packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAlzsRc5fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7 WEdNnA/9FOQBK0PxgvhuGMUWCAsOAFyRxxvVpFMcgUB/vpWAd/AaLuWPq84eBsAn VzwYS/VjiBeFm1qFk2QK6Z1TJFSSrVFeGlxWhpPwBIU7fZlksuP0EjWihvj/p4iw JJ+zbHgTokIIZ3Y8DCN9yGtv8o7f7ACt4CN36I4XkSl5wqelsKokWLlBp6muBaEm NUoBa3I6MIM0szy4DsKTIC7pIzxkbJ7MJA97gFNWNiWb1SG6hmv2Sc8kccqfPlJd GhMDAsNZ1x5bmQDUb+VYzFHvdPpDAolzl+qjkWE7187BPW5Tcw+hegvwktBBQstR L76zHtLjj9DrZL+w4mk85uoChGJYK6QfXNysBznQHdrE0HlETznziRufXAxF2OSb BG6d2p+FVlUgHmKPIT2hNQHQMntyp8HhlN3bLP6mCLMMvPP65S5A87CjWB2khMWC wiyOlbSIYdGjCf/t16x10Y9asalCf4tX67p8tlF93NEz/jzKN//hUaVIVu/eVunW AtpypmAo+buYEED8eIOsfq/kij8J9PFZGcaEt+9PHMxGQXl0zp/eDzC5Ox8lyMST d9qwEtNU5/07uRzblQw3wkdXeaCslOInk+/+LZbJ+Kt0oWnw2zNN93+O3ytztWIF J9RwLZgyQ4Szt1yi4AHY2KciLHfIzSKrx28EOaNDzd9g3nhxtuw= =9rT8 -----END PGP SIGNATURE-----