[SECURITY] [DLA 858-1] wireshark security update

2017-03-16 Thread Balint Reczey
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Package: wireshark
Version: 1.12.1+g01b65bf-4+deb8u6~deb7u7
CVE ID : CVE-2017-5596 CVE-2017-5597 CVE-2017-6467
 CVE-2017-6468 CVE-2017-6469 CVE-2017-6470
 CVE-2017-6471 CVE-2017-6472 CVE-2017-6473
 CVE-2017-6474

It was discovered that Wireshark, a network protocol analyzer,
contained several vulnerabilities in the dissectors for ASTERIX,
DHCPv6, LDSS, IAX2, WSP and RTMPT and the NetScaler and K12 file
parsers, that could lead to various crashes, denial-of-service, or
execution of arbitrary code.

For Debian 7 "Wheezy", these problems have been fixed in version
1.12.1+g01b65bf-4+deb8u6~deb7u7.

We recommend that you upgrade your wireshark packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
-END PGP SIGNATURE-



[SECURITY] [DLA 844-1] libquicktime security update

2017-02-28 Thread Balint Reczey
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Package: libquicktime
Version: 2:1.2.4-3+deb7u1
CVE ID : CVE-2016-2399
Debian Bug : 855099

Marco 'nemux' Romano discovered that an integer overflow in the
quicktime_read_pascal function in libquicktime 1.2.4 and earlier
allows remote attackers to cause a denial of service or possibly have
other unspecified impact via a crafted hdlr MP4 atom.

For Debian 7 "Wheezy", these problems have been fixed in version
2:1.2.4-3+deb7u1.

We recommend that you upgrade your libquicktime packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
-END PGP SIGNATURE-



[SECURITY] [DLA 838-1] shadow security update

2017-02-26 Thread Balint Reczey
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Package: shadow
Version: 4.1.5.1-1+deb7u1
CVE ID : CVE-2017-2616
Debian Bug : 855943


Tobias Stoeckmann discovered that su does not properly handle clearing a
child PID. A local attacker can take advantage of this flaw to send
SIGKILL to other processes with root privileges, resulting in denial of
service.

For Debian 7 "Wheezy", these problems have been fixed in version
4.1.5.1-1+deb7u1.

We recommend that you upgrade your shadow packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
-END PGP SIGNATURE-



[SECURITY] [DLA 819-2] mysql-5.5 version number correction

2017-02-10 Thread Balint Reczey
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Package: mysql-5.5
Version: 5.5.54-0+deb7u2
CVE ID : 
Debian Bug : #854713

This is a correction of DLA 819-1 that mentioned that
mysql-5.5 5.5.47-0+deb7u2 was corrected. The corrected package
version was 5.5.54-0+deb7u2.

For completeness the text from DLA 819-1 is available below with
only corrected version information. No other changes.

It has been found that the C client library for MySQL
(libmysqlclient.so) has a use-after-free vulnerability which
can cause a crash of applications using that MySQL client.

For Debian 7 "Wheezy", these problems have been fixed in version
5.5.54-0+deb7u2.

We recommend that you upgrade your mysql-5.5 packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
-END PGP SIGNATURE-



[SECURITY] [DLA 819-1] mysql-5.5 security update

2017-02-09 Thread Balint Reczey
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Package: mysql-5.5
Version: 5.5.47-0+deb7u2
CVE ID : 
Debian Bug : #854713


It has been found that the C client library for MySQL
(libmysqlclient.so) has a use-after-free vulnerability which
can cause a crash of applications using that MySQL client.

For Debian 7 "Wheezy", these problems have been fixed in version
5.5.47-0+deb7u2.

We recommend that you upgrade your mysql-5.5 packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
-END PGP SIGNATURE-



[SECURITY] [DLA 804-1] libgd2 security update

2017-01-29 Thread Balint Reczey
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Package: libgd2
Version: 2.0.36~rc1~dfsg-6.1+deb7u8
CVE ID : CVE-2016-9317 CVE-2016-10167 CVE-2016-10168

Multiple security issues have been found in the GD Graphics Library.
They may lead to the execution of arbitrary code or cause an
application crash.

CVE-2016-9317

Signed integer overflow in gd_io.c

CVE-2016-10167

Improper handling of missing image data can cause a crash

CVE-2016-10168

GD2 stores the number of horizontal and vertical chunks as words
(i.e. 2 byte unsigned). These values are multiplied and assigned to
an int when reading the image, which can cause integer overflows.

For Debian 7 "Wheezy", these problems have been fixed in version
2.0.36~rc1~dfsg-6.1+deb7u8.

We recommend that you upgrade your libgd2 packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
-END PGP SIGNATURE-
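
The integer overflow described for CVE-2016-10168 in the advisory above, as an added C example that is not part of the advisory and is not libgd's code: it shows what a 32-bit int holds when two 2-byte chunk counts are multiplied unchecked, next to a reader that rejects such headers. The function names, the 8-byte `ENTRY_SIZE` and the four sample headers are assumptions constructed for illustration, and int is assumed to be 32 bits wide.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define ENTRY_SIZE 8u /* assumed size of one chunk index entry, in bytes */

/* Constructed sample inputs: the two chunk-count words (ncx, ncy). */
static const unsigned char HDR_SMALL[4] = {0x00, 0x04, 0x00, 0x03}; /* 4 x 3 */
static const unsigned char HDR_MAX[4]   = {0xFF, 0xFF, 0xFF, 0xFF}; /* 65535 x 65535 */
static const unsigned char HDR_EDGE[4]  = {0xB5, 0x05, 0xB5, 0x05}; /* 46341 x 46341 */
static const unsigned char HDR_ZERO[4]  = {0x00, 0x00, 0x00, 0x01}; /* 0 x 1 */

/* Read one 2-byte unsigned word, most significant byte first. */
static uint16_t read_word(const unsigned char *p)
{
    return (uint16_t)(((unsigned)p[0] << 8) | p[1]);
}

/* The value a 32-bit signed int ends up holding if ncx * ncy is stored
 * without a range check. Computed in 64 bits and wrapped by hand so that
 * the demonstration itself contains no signed overflow. */
int32_t unchecked_count(const unsigned char hdr[4])
{
    int64_t wide = (int64_t)read_word(hdr) * (int64_t)read_word(hdr + 2);
    if (wide > INT32_MAX)
        wide -= (int64_t)1 << 32;
    return (int32_t)wide;
}

/* Hardened variant: returns the chunk index size in bytes, or 0 if the
 * header must be rejected (zero count, or a result that does not fit). */
size_t checked_index_bytes(const unsigned char hdr[4])
{
    int32_t ncx = read_word(hdr);
    int32_t ncy = read_word(hdr + 2);

    if (ncx == 0 || ncy == 0)
        return 0;
    if (ncx > INT32_MAX / ncy)                /* ncx * ncy would overflow */
        return 0;
    int32_t nc = ncx * ncy;
    if ((uint64_t)nc > SIZE_MAX / ENTRY_SIZE) /* nc * ENTRY_SIZE would wrap */
        return 0;
    return (size_t)nc * ENTRY_SIZE;
}

int main(void)
{
    const unsigned char *cases[] = {HDR_SMALL, HDR_MAX, HDR_EDGE, HDR_ZERO};
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++)
        printf("ncx=%u ncy=%u unchecked=%d checked_bytes=%zu\n",
               (unsigned)read_word(cases[i]), (unsigned)read_word(cases[i] + 2),
               (int)unchecked_count(cases[i]), checked_index_bytes(cases[i]));
    return 0;
}
```

A negative or too-small count that later sizes an allocation or bounds a loop is what turns this arithmetic error into memory corruption, which is why the checked reader refuses the header before any multiplication result is used.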



[SECURITY] [DLA 755-1] dcmtk security update

2016-12-20 Thread Balint Reczey
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Package: dcmtk
Version: 3.6.0-12+deb7u1
CVE ID : CVE-2015-8979
Debian Bug : 848830


At several places in the code a wrong length of ACSE data structures
received over the network can cause overflows or underflows when
processing those data structures. Related checks have been added at
various places in order to prevent such (possible) attacks. Thanks to
Kevin Basista for the report.

The bug will indeed affect all DCMTK-based server applications that
accept incoming DICOM network connections that are using the
dcmtk-3.6.0 and earlier versions.

(From: http://zeroscience.mk/en/vulnerabilities/ZSL-2016-5384.php)

For Debian 7 "Wheezy", these problems have been fixed in version
3.6.0-12+deb7u1.

We recommend that you upgrade your dcmtk packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
-END PGP SIGNATURE-



[SECURITY] [DLA 707-1] sudo security update

2016-11-14 Thread Balint Reczey
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Package: sudo
Version: 1.8.5p2-1+nmu3+deb7u2
CVE ID : CVE-2016-7032 CVE-2016-7076
Debian Bug : 842507


It was discovered that the sudo noexec restriction could have been
bypassed if an application run via sudo executed the system(), popen() or
wordexp() C library functions with a user-supplied argument. A local
user permitted to run such an application via sudo with the noexec
restriction could possibly use this flaw to execute arbitrary commands
with elevated privileges.

CVE-2016-7032

noexec bypass via system() and popen()

CVE-2016-7076

noexec bypass via wordexp()

For Debian 7 "Wheezy", these problems have been fixed in version
1.8.5p2-1+nmu3+deb7u2.

We recommend that you upgrade your sudo packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
-END PGP SIGNATURE-



[SECURITY] [DLA 694-1] libwmf security update

2016-11-02 Thread Balint Reczey
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Package: libwmf
Version: 0.2.8.4-10.3+deb7u2
CVE ID : CVE-2016-9011
Debian Bug : 842090

Agostino Sarubbo from Gentoo discovered a flaw in libwmf's Windows
Metafile Format (WMF) parser which caused allocation of an excessive
amount of memory, potentially leading to a crash.

For Debian 7 "Wheezy", these problems have been fixed in version
0.2.8.4-10.3+deb7u2.

We recommend that you upgrade your libwmf packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
-END PGP SIGNATURE-



[SECURITY] [DLA 636-2] firefox-esr regression update

2016-09-30 Thread Balint Reczey
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Package: firefox-esr
Version: 45.4.0esr-1~deb7u2

The update of firefox-esr to 45.4.0esr-1~deb7u1 caused a build failure
on the armel and armhf architectures.

For Debian 7 "Wheezy", these problems have been fixed in version
45.4.0esr-1~deb7u2.

We recommend that you upgrade your firefox-esr packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-BEGIN PGP SIGNATURE-
Version: GnuPG v2
-END PGP SIGNATURE-



[SECURITY] [DLA 643-1] chicken security update

2016-09-30 Thread Balint Reczey
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Package: chicken
Version: 4.7.0-1+deb7u1
CVE ID : CVE-2016-6830 CVE-2016-6831


Multiple vulnerabilities have been found in the CHICKEN Scheme compiler:

CVE-2016-6830

Buffer overrun in CHICKEN Scheme's "process-execute" and
"process-spawn" procedures from the posix unit

CVE-2016-6831

Memory leak in CHICKEN Scheme's process-execute and process-spawn
procedures

For Debian 7 "Wheezy", these problems have been fixed in version
4.7.0-1+deb7u1.

We recommend that you upgrade your chicken packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
-END PGP SIGNATURE-



[SECURITY] [DLA 636-1] firefox-esr security update

2016-09-27 Thread Balint Reczey
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Package: firefox-esr
Version: 45.4.0esr-1~deb7u1
CVE ID : CVE-2016-5250 CVE-2016-5257 CVE-2016-5261
 CVE-2016-5270 CVE-2016-5272 CVE-2016-5274
 CVE-2016-5276 CVE-2016-5277 CVE-2016-5278
 CVE-2016-5280 CVE-2016-5281 CVE-2016-5284

Multiple security issues have been found in the Mozilla Firefox web
browser: Multiple memory safety errors, buffer overflows and other
implementation errors may lead to the execution of arbitrary code or
information disclosure.

For Debian 7 "Wheezy", these problems have been fixed in version
45.4.0esr-1~deb7u1.

We recommend that you upgrade your firefox-esr packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-BEGIN PGP SIGNATURE-
Version: GnuPG v2
-END PGP SIGNATURE-



[SECURITY] [DLA 605-1] eog security update

2016-08-28 Thread Balint Reczey
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Package: eog
Version: 3.4.2-1+build1+deb7u1
CVE ID : CVE-2016-6855


It was discovered that Eye of GNOME incorrectly handled certain invalid
UTF-8 strings. If a user were tricked into opening a specially-crafted
image, a remote attacker could use this issue to cause Eye of GNOME to
crash, resulting in a denial of service, or possibly execute arbitrary
code.

For Debian 7 "Wheezy", these problems have been fixed in version
3.4.2-1+build1+deb7u1.

We recommend that you upgrade your eog packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
-END PGP SIGNATURE-



[SECURITY] [DLA 595-1] wireshark security update

2016-08-15 Thread Balint Reczey
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Package: wireshark
Version: 1.12.1+g01b65bf-4+deb8u6~deb7u3
CVE ID : CVE-2016-6504 CVE-2016-6505 CVE-2016-6506
 CVE-2016-6507 CVE-2016-6508 CVE-2016-6509
 CVE-2016-6510 CVE-2016-6511

Multiple vulnerabilities were discovered in the dissectors for NDS,
PacketBB, WSP, MMSE, RLC, LDSS, RLC and OpenFlow, which could result
in denial of service or the execution of arbitrary code.

For Debian 7 "Wheezy", these problems have been fixed in version
1.12.1+g01b65bf-4+deb8u6~deb7u3.

We recommend that you upgrade your wireshark packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
-END PGP SIGNATURE-



[SECURITY] [DLA 591-1] libreoffice security update

2016-08-09 Thread Balint Reczey
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Package: libreoffice
Version: 3.5.4+dfsg2-0+deb7u8
CVE ID : CVE-2016-1513


An OpenDocument Presentation .ODP or Presentation Template .OTP file
can contain invalid presentation elements that lead to memory
corruption when the document is loaded in LibreOffice Impress. The
defect may cause the document to appear as corrupted and LibreOffice
may crash in a recovery-stuck mode requiring manual intervention. A
crafted exploitation of the defect can allow an attacker to cause
denial of service (memory corruption and application crash) and
possible execution of arbitrary code.

For Debian 7 "Wheezy", this problem has been fixed in version
3.5.4+dfsg2-0+deb7u8.

We recommend that you upgrade your libreoffice packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-BEGIN PGP SIGNATURE-
Version: GnuPG v2

-END PGP SIGNATURE-



[SECURITY] [REGRESSION] [DLA -] graphite2 regression update

2016-08-01 Thread Balint Reczey
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Package: graphite2
Version: 1.3.6-1~deb7u2

The previous upload of graphite2 (on 2016-04-26) included a .shlib
file which did not match the shipped shared libraries, preventing
packages build-depending on graphite2 libraries from building.

For Debian 7 "Wheezy", these problems have been fixed in version
1.3.6-1~deb7u2.

We recommend that you upgrade your graphite2 packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-BEGIN PGP SIGNATURE-
Version: GnuPG v2

-END PGP SIGNATURE-



[SECURITY] [DLA 570-1] kde4libs security update

2016-07-29 Thread Balint Reczey
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Package: kde4libs
Version: 4:4.8.4-4+deb7u2
CVE ID : CVE-2016-6232
Debian Bug : 832620


It was possible to trick kde4libs's KArchiveDirectory::copyTo()
function into extracting files from a specially prepared tar file
to arbitrary system locations outside of the extraction folder.

For Debian 7 "Wheezy", these problems have been fixed in version
4:4.8.4-4+deb7u2.

We recommend that you upgrade your kde4libs packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
-END PGP SIGNATURE-



[SECURITY] [DLA 566-1] cakephp security update

2016-07-28 Thread Balint Reczey
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Package: cakephp
Version: 1.3.15-1+deb7u1
Debian Bug : 832283

CakePHP, an open-source web application framework for PHP, was
vulnerable to SSRF (Server Side Request Forgery) attacks. A remote
attacker can utilize it for at least DoS (Denial of Service) attacks,
if the target application accepts XML as an input. It is caused by
the insecure design of Cake's Xml class.

For Debian 7 "Wheezy", these problems have been fixed in version
1.3.15-1+deb7u1.

We recommend that you upgrade your cakephp packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
-END PGP SIGNATURE-



[SECURITY] [DLA 497-1] wireshark security update

2016-05-31 Thread Balint Reczey
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Package: wireshark
Version: 1.12.1+g01b65bf-4+deb8u6~deb7u1
CVE ID : CVE-2012-6052 CVE-2012-6053 CVE-2012-6054 CVE-2012-6055
 CVE-2012-6056 CVE-2012-6057 CVE-2012-6058 CVE-2012-6059
 CVE-2012-6060 CVE-2012-6061 CVE-2012-6062 CVE-2013-1572
 CVE-2013-1573 CVE-2013-1574 CVE-2013-1575 CVE-2013-1576
 CVE-2013-1577 CVE-2013-1578 CVE-2013-1579 CVE-2013-1580
 CVE-2013-1581 CVE-2013-2476 CVE-2013-2479 CVE-2013-2482
 CVE-2013-2485 CVE-2013-2486 CVE-2013-2487 CVE-2013-4079
 CVE-2013-4080 CVE-2013-4927 CVE-2013-4929 CVE-2013-4931
 CVE-2013-5719 CVE-2013-5721 CVE-2013-6339 CVE-2013-7112
 CVE-2015-6243 CVE-2015-6246 CVE-2015-6248 CVE-2016-4006
 CVE-2016-4079 CVE-2016-4080 CVE-2016-4081 CVE-2016-4082
 CVE-2016-4085

Multiple vulnerabilities were discovered in the dissectors/parsers for
PKTC, IAX2, GSM CBCH and NCP which could result in denial of service.

This update also fixes many older less important issues by updating the
package to the version found in Debian 8 also known as Jessie.

For Debian 7 "Wheezy", these problems have been fixed in version
1.12.1+g01b65bf-4+deb8u6~deb7u1.

We recommend that you upgrade your wireshark packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
-END PGP SIGNATURE-