-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : cracklib2 Version : 2.9.2-1+deb8u1 CVE ID : CVE-2016-6318
It was discovered that there was a stack-based buffer overflow when parsing large GECOS fields in cracklib2, a pro-active password checker library. For Debian 8 "Jessie", this problem has been fixed in version 2.9.2-1+deb8u1. We recommend that you upgrade your cracklib2 packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAl7KspFfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7 WEfysQ//SKzwGeOsU14JIcJUFAlKMjLvlWOjftfkKI4zUwGK2dlwFzwVmoKJq7BD A3OkDT2BXk7RFc3yB0ij1i2NceahaFhyYoXL9fpdrGfQPzQ6qvZJ3hbfaDZpk1HT 92ue9KQo8i11iRPfOWqrl38GBJRGPntMutt3KaHVvNW2StdDp6MYb7+wVgSSqjWg PCqDijgOsVCRpjpO7+VT+ayGI1Bh62K/An4NU5N6T0k3rhJSubdiEWdl9OfzJgDf cusCdj4Xsn2QliHANM5sa9vllOaBl0yTzbXi95tShkUtTWzy64t96R69ulvcWn6G YCqioTmXp5EUBDjSkk3hru6JnzHkLlusjGimTLAeMTRm4wrU3DN7Tg2JeqS5jcHW vm/V1x5jgfnW6ju+LIA1JZFDCttWaVVtC/2k3Md6CAjnjr2BdWkn7XyQqDX2Tirb jX5P36cZlP3tW0XSBoK8FObcWcF4wbM/IDKX4oqppj6z+6s9caUXCL3NvHOiDwk7 TZ5inuhRhW1Mqs7QXBnCiWkWT5M4KsZVT/SlL4NWZUo7LHkPfESBsQ6AYqY54R+K DwpZfF2aj0WZ+MmZBfSvdv8fljfkIee4oECQ5Z6iDlNvg1iWd8akfuh010SxRXAh v9EvWVerhWE9T4ZKWXcXogFPIDX/PGDtvvjVcJ/Es5JRHvV1yqA= =gAga -----END PGP SIGNATURE-----
