[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 417-1] xdelta3 security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : xdelta3
Version        : 0y.dfsg-1+deb6u1
CVE ID         : CVE-2014-9765
Debian Bug     : 814067

It was discovered that there was a buffer overflow in in xdelta3,
a diff utility which works with binary files. This vulnerability
allowed arbitrary code execution from input files.

For Debian 6 Squeeze, this issue has been fixed in xdelta3 version
0y.dfsg-1+deb6u1.


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJWwvqaAAoJEB6VPifUMR5Y3LYP/3EpCRR9zrjYAWIJLWb+ZFs6
k+pQkZ1zPfNqsf6K0IWF7X2tV+JAZltAK39AuFnsiKjmKmajnVVNuAhzS/Tq8SpY
2EEuCuaz6mFrsGu0WQxn+/I8CnlmkhXnaD5RiNAuNOdH0y55VTFiR5I+rq8J4oyj
JWhciVZ/9X0JcsdV2+p5cAv7K+K1j+V0REWjPkomkAXFMCMUEDW/wlKgUQ/0+TYa
0OD+YoMN07pHfmJle5CS5ShXTcAAnEIDenI6gvJdrsQh+qCcvWKdRIQ/Y+uGiFSn
kgP+Dx9ARYG7glUt03VaRLiRp8bebv0puu0BH4MPNxdPbbXOChDZxQCab9EYg7Oe
hZZjevk1as68NXwIpZTrsBOxcfam0tRoOTsRALDVflC4bCnPpThat5kMDizVqQTo
Vy1NZyZmHWaTu/Dd0Slz6k+FHlayIlNQ9eeM9FCPTE1NB4eBpi23LDv/JZWYNGfm
TMLLjg1CZPavIAQ7ZJcTYf1pUfm629e56YAShHTQpl6DkMOtyEPOzV7mMZh5uWaw
UF5YIQeliwl6GRZC2PvZS+xnMqJH12Tt1EPAb9kTkc9+wQW35xO08h5hr5MmA51s
WKbz2iTk/TUrLJnLrPSQfHBptJ/sFJA2Smk5nypveoEuyoMB4IHCopneT+V8w2Os
tErbaAvc3eFnfvVxir7r
=RPQo
-----END PGP SIGNATURE-----


Reply to: