-----Original Message----- From: Moritz Muehlenhoff <[email protected]> Date: Mon, 28 Apr 2014 18:47:14 To: <[email protected]> Reply-To: [email protected] Subject: [SECURITY] [DSA 2916-1] libmms security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2916-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff April 28, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : libmms CVE ID : CVE-2014-2892 Alex Chapman discovered that a buffer overflow in processing "MMS over HTTP" messages could result in the execution of arbitrary code. For the oldstable distribution (squeeze), this problem has been fixed in version 0.6-1+squeeze2. For the stable distribution (wheezy), this problem has been fixed in version 0.6.2-3+deb7u1. For the unstable distribution (sid), this problem has been fixed in version 0.6.2-4. We recommend that you upgrade your libmms packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/ Mailing list: [email protected] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJTXoWvAAoJEBDCk7bDfE424hkP/jUv5rBxjQmzJPaqqfzLAvDz Zz98k1lw5+BoXBlWF8OiabNm7oVJYGbJOPwFMwJXnOWNvY3g8PvSn332mefXnyqC y2cMnyLR3OBMe7XM3dQZbKveyVhq7a1lrig002+Leihihcomlq/1BE+F3mrTpix0 nbWMW1kliXG/c2IpHprJNOdNMGZaA4+wtHrBIvpmJ5B3zw48YSKpq3TvuvsLdYr8 BzKzdcF0nHQ7oRpSKnpuk4IEj0cWKLkt8oo+9LCQS0UwW3vGg0sx5rqZpbGIOLyz a88fDOJGTE8EnNz5svuYNGcK1Rp6ovGS0e7OFt12NEjdZuGF96n7bIoonx4qO5Uz 4SChgNqC8pCpCqMbBfn79wpkSVijak7MYpb4IaHtTPRm2bzftj4tikms0HUZmkZ7 apXa0t+3dFqMCNWJRRitu4q3XAjahANhAUtfeec6kYkVhMxM5hz5IZqOy+VmkvJr cX71dH9oRV6mzyMyPUGG6gYtxGwcCB0fcdISx6P0yERCrcIU8+yndOKaS6vu6eQR VoiKkPmYFrM67DmkCGttXS91m1flTGgSz1u6228Z/tnE7BNWKQuGsiAGnjF7tY9v ndcgJ2kQw+hkS+KLaqZX0iLw70vqOke96djlxGU81a16Z9us+3sh1SbE55Qm0pZe 1apUKqp4U8tlwdHwiRZ8 =ESif -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: https://lists.debian.org/[email protected] -- This e-mail (including attachments) is intended only for the recipient(s) named above. It may contain confidential or privileged information and should not be read, copied or otherwise used by any other person. If you are not the named recipient, please contact the sender and delete the e-mail from your system. Rif. L. D. 196/2003. Le informazioni, i dati e le notizie contenute nella presente comunicazione e i relativi allegati sono di natura privata e come tali possono essere riservate e sono, comunque, destinate esclusivamente ai destinatari indicati in epigrafe. La diffusione, distribuzione e/o la copia del documento trasmesso da parte di qualsiasi soggetto diverso dal destinatario รจ proibita, sia ai sensi dell'art. 616 c.p., sia ai sensi del Dlgs 196/2003. Se avete ricevuto questo messaggio per errore, vi preghiamo di distruggerlo e di darcene immediata comunicazione anche inviando un messaggio di ritorno all' indirizzo e-mail del mittente. -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: https://lists.debian.org/1121288231-1398704204-cardhu_decombobulator_blackberry.rim.net-1763912055-@b26.c10.bise7.blackberry
