[SECURITY] [DLA 2837-1] gmp security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2837-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Anton Gladky
December 02, 2021 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------
Package : gmp
Version : 2:6.1.2+dfsg-1+deb9u1
CVE ID : CVE-2021-43618
Debian Bug : 994405
One security issue has been discovered in gmp: GNU Multiple Precision Arithmetic Library.
It was discovered that integer overflow is possible in mpz/inp_raw.c and
resultant buffer overflow via crafted input, leading to a segmentation fault
on 32-bit platforms.
For Debian 9 stretch, this problem has been fixed in version
2:6.1.2+dfsg-1+deb9u1.
We recommend that you upgrade your gmp packages.
For the detailed security status of gmp please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/gmp
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEu71F6oGKuG/2fnKF0+Fzg8+n/wYFAmGpJCkACgkQ0+Fzg8+n
/wZlUBAAnuM5xs5sZQ1w5Wc2HXt2lPdIb/8ri2pUVEL8udLpvSiqrJlOqyBnY6R1
HKgcFOEVsajlMYJYFCSEjbN6qR9mZMxNFcI0XwC5kn0wFdLKD3FPS+jiOKDHBGF/
z1OhTJqFSCadQUGCrGQb/63M6dl8CKXy2MZNEdvkZiPsbIkYKfBAsq9gbxqcoWK6
jnOSgzbYmnU1aj6oH7QIrL2amPMx/ZcOx8v9tt6C1m2fCMEZM/yOT3mVSxaYwiAF
odPSHGNVdgl2uWQwpW5uoP2csJ+RD6rXB86sct/cCjtRGLCRZYzJuy7sIeKzCbu4
bnc6NnOG8qbdVE4mNfUzh18UrOfoU12seeEY9O56w2n7OV+HVpqHnWFygizYoKjL
d9L5cs9WRFlBxdQx9Ps5IBgP4fdwhU7QHSKeOIb3wnEVrahO3QCvGHKz8LK/rZep
a4dN9Q6gpqvqzgAQh6zNShidIUTtSlfgSVdVPrSMVkMNKxS8B6WLNYculwBkqZdh
QW4lc+NH3R9OJf1ecXGMc5GCFvIPHJxK+NXsoxbMcVCdiNsoYgVnPRUDlV4WrvZh
C9GFJbXkS45GKBda17TaTKM+EBEFDoE5opmWl/xwNkJu8Wjv/aZBO3kflLn2Bl4x
Uf4rQmMZWBqn4pjftlQz/jh44cxs66T5Fqahsp4WIp2cRw4Hlxw=
=/0KZ
-----END PGP SIGNATURE-----
Reply to: