BugTraq
[SECURITY] [DSA 2900-1] jbigkit security update Apr 10 2014 08:03PM
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2900-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
April 10, 2014 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
-

Package : jbigkit
CVE ID : CVE-2013-6369

Florian Weimer of the Red Hat product security team discovered multiple
buffer overflows in jbigkit, which could lead to the execution of
arbitrary code when processing malformed images.

For the stable distribution (wheezy), this problem has been fixed in
version 2.0-2+deb7u1.

For the unstable distribution (sid), this problem will be fixed soon.

We recommend that you upgrade your jbigkit packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: debian-security-announce (at) lists.debian (dot) org [email concealed]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJTRvjcAAoJEBDCk7bDfE42yZgP/jMx2SQ1jSj0SdBTicDm5dok
RRYB6Y6ZkfSoIN9Yp2FuNMn88fJMp5ecRaHtnUL8E4WV+aW1NYUCu7BPpb3SnsBG
SnvHjJxgG+MDGC6NBap+rD6dwx4lKWMDEdU2Hm6M/GNvpGb144tRY5mCGeGCuQCR
vQbzjWh7eB1rqHvFRT+HALbOl2aqLgTKVjQS76Pw6S/QxG5eIwMFojdGZju+wgsC
232b1NauudTl74gayIA2V7m2U2J/Qj16EbLtUp7rd+AgNeaOPCbAtRZPfz0K2JBP
zoxHpSvfbm2s4D4Mf9YdlEVS65kQfwNvGfATtH1UogQmHDvV8pZvaVP0RD1NFyCm
iCs2CZJhg9/WwHBMJDsa+VXTukdGSjbK5nmtezQabL1/0r3pufuE6NmbybmURAhg
iiCOF7jUWFcQ9agQDTSq1roDqptcUL66leDlrboLcOWTS5jjDGwGWZ/7W7lyELKt
ckQc4h+fs770nhV6bjR2k4WtnQldpBANBva7TP7a8oUc69XPX6Blu+5j/jnFU6RC
XZXMkHhzAJojvBpgQ1oOeUWrtsISd9Ypo/UuAN2hKIufxSwNg6IYQiqnLjy2PEHK
2m2kQewah1UJwCNJ7AbH6nUMdoZFzV8BINLb7posky3WJ5p630Vx585L7X8uhn2k
53EV1XEGBLtOxnUv49jP
=yzUL
-----END PGP SIGNATURE-----

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus