Hi Moritz, Thanks for the long update, I guess it would better if you send one mail with libx*. :) smile
Regards, Diamondra 2013/5/23 Moritz Muehlenhoff <[email protected]> > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > - ------------------------------------------------------------------------- > Debian Security Advisory DSA-2692-1 [email protected] > http://www.debian.org/security/ Moritz Muehlenhoff > May 23, 2013 http://www.debian.org/security/faq > - ------------------------------------------------------------------------- > > Package : libxxf86vm > Vulnerability : several > Problem type : remote > Debian-specific: no > CVE ID : CVE-2013-2001 > > Ilja van Sprundel of IOActive discovered several security issues in > multiple components of the X.org graphics stack and the related > libraries: Various integer overflows, sign handling errors in integer > conversions, buffer overflows, memory corruption and missing input > sanitising may lead to privilege escalation or denial of service. > > For the oldstable distribution (squeeze), this problem will be fixed > soon as version 1:1.1.0-2+squeeze1. > > For the stable distribution (wheezy), this problem has been fixed in > version 1:1.1.2-1+deb7u1. > > For the unstable distribution (sid), this problem has been fixed in > version 1:1.1.2-1+deb7u1. > > We recommend that you upgrade your libxxf86vm packages. > > Further information about Debian Security Advisories, how to apply > these updates to your system and frequently asked questions can be > found at: http://www.debian.org/security/ > > Mailing list: [email protected] > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.12 (GNU/Linux) > > iEYEARECAAYFAlGeOvAACgkQXm3vHE4uylr6EgCffVfHl2qmCgS8tN5JmlF54cnE > 9xgAoO0I9C9vPBeJ6vSl4qr/zQu9lGYg > =N55T > -----END PGP SIGNATURE----- > > > -- > To UNSUBSCRIBE, email to [email protected] > with a subject of "unsubscribe". Trouble? Contact > [email protected] > Archive: > http://lists.debian.org/[email protected] > > -- Diamondra RAKOTOMAMONJY
