-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-2839-1 [email protected] https://www.debian.org/lts/security/ Anton Gladky December 03, 2021 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : gerbv Version : 2.6.1-2+deb9u1 CVE ID : CVE-2021-40391 One security issue has been discovered in gerbv: a viewer for Gerber RS-274X files. It was discovered that an out-of-bounds write vulnerability exists in the drill format T-code tool. A specially-crafted drill file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. For Debian 9 stretch, this problem has been fixed in version 2.6.1-2+deb9u1. We recommend that you upgrade your gerbv packages. For the detailed security status of gerbv please refer to its security tracker page at: https://security-tracker.debian.org/tracker/gerbv Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEu71F6oGKuG/2fnKF0+Fzg8+n/wYFAmGqc8UACgkQ0+Fzg8+n /wbnxw/7B7quJeb+LwelKTjalNxv3nxDFneqFU5aw9PETNLchppjaeaf4wtsRQGv fMipbBejrMS3gYXbQJka+n332Rw8NKh1hMDmXKExeSE+7zw8PmaBcmuhjbR7kv/5 dJauAyHRJH0c9vC6aPEro/28bUnrbn9TDEobVaKv++3rmPI37uRb0+dNRc9haUvp uyLUkzjE2JRCTFk454/G0iZf6sfAzRbpvHSz0u74JAhylceNlf215AFQJGjdsDj3 v9dH2qCEHeWkRpOrjEsxZ+uBjAH+CsuU+2GQNs00+mRWfMmL3V8zAmskjJbUu5zf BoGj6MYwsws0hxkKxB/62CqhVIf8BAjU7Gv9uhxnFaTRN/OkqzXcid4DT5kAH28w SeNrz64BvPppzGbISYOgnB/Koa4yT4Oi/YfsXZ2uBeDAKsULxxIrJRUu/OspGFn6 5V2fDl6t3HtwidBdsG36aT7wWxT+nterQP0WWLgOXHCH5T8F1SDts1i88cw9TPgZ REEmoi+hZagpblisYPzUz8KepY0PbO2NLUBdKcpHsVkjQTJuLiNpRQ8nf1XNnvxZ Qzwigkmg0BOIc2+G2qL4CEq85rgkoFmjXm7RoBVtB7WZhaDp2uS62uXk5NNv7JQ5 8lz5mXfXGHhA3uhW/O6sTA7SopvnBUVXyW9XhXqbzyT9wgrI04A= =bKJn -----END PGP SIGNATURE-----
