[SECURITY] [DLA 599-1] cracklib2 security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 599-1] cracklib2 security update
From: Chris Lamb <lamby@debian.org>
Date: Sat, 20 Aug 2016 17:58:57 +0100
Message-id: <[🔎] 1471712337.2917558.701073953.086EF20A@webmail.messagingengine.com>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : cracklib2
Version        : 2.8.19-3+deb7u1
CVE ID         : CVE-2016-6318
Debian Bug     : 834502

It was discovered that there was a stack-based buffer overflow when
parsing large GECOS fields in cracklib2, a pro-active password checker
library.

For Debian 7 "Wheezy", this issue has been fixed in cracklib2 version
2.8.19-3+deb7u1.

We recommend that you upgrade your cracklib2 packages.


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

-----BEGIN PGP SIGNATURE-----

iQIcBAEBCAAGBQJXuIwzAAoJEB6VPifUMR5Y5NMP/3Cuq0mb+7v+r4D1YcRCtCet
O1hGCIey70ynlWsr6hVRcemRA4jHSCKFRXKZ0Z8ZS/MVPgUCg7BEZtH06nGSSQXG
YcWXhnaaoNB9IRLpMXWy9pX3pzVk4TbcVtIIFBGvpK2+eWGAGbHyLIBQ0qY5eid9
krtAh9Vwhu12pD5jCmjHTLwAz41V8lXKrPNtLnVbSdmWRI3+iOUA/L6H8D/BQtR4
4GQ8MQK7zxNwpwgacKHFK3FGoYq/2OJZTW++1VBkrnp03aFsrSMDxsDPNM74ggkl
anUkpBCQ8CC2IE9e2CtIAa2jUnnNC6BL93JPcXySJs5vIIxgGrvouLF1sT3dvn1/
S+nNqE0joYQKMP4dGVECODUaBsrAc1HPsL/y+vZPfmgiQlHQTHvS/e9qM9vrlqnu
iE4Alcz1EwrGsZXI2HzT6yrwgBVgC4mSO5Vk0JibV3Yd0vXL7h4Zx2q6a7V478WK
9zRhjnUWVffB0xVFyjDhssEimyJmhPDkcxnZE7lrRQO4GbnVaRO0wGV0QmUjoaW2
WoDbbeUOk2+9dS4ZrPCYySKyUxvsntjtpu8hRNM+ZgLa12rp6NwzoA52tLbF8S2b
cbqqUmRrzeZuXQRDz9RdmOjAxchWHdNyHtmX8lXyziF/p8nJzfiZxJFf70CJDbzX
hcW6mYS9q112J9jjPPeB
=XQsA
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 598-1] suckless-tools security update
Next by Date: [SECURITY] [DLA 600-1] libgcrypt11 security update
Previous by thread: [SECURITY] [DLA 598-1] suckless-tools security update
Next by thread: [SECURITY] [DLA 600-1] libgcrypt11 security update
Index(es):
- Date
- Thread