[SECURITY] [DLA 671-1] libxvmc security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Package : libxvmc
Version : 2:1.0.7-1+deb7u3
CVE ID : CVE-2016-7953
CVE-2016-7953
If an empty string is received from an x-server, do not underrun
the buffer by accessing "rep.nameLen - 1" unconditionally, which
could end up being -1.
For Debian 7 "Wheezy", these problems have been fixed in version
2:1.0.7-1+deb7u3.
We recommend that you upgrade your libxvmc packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQJ8BAEBCgBmBQJYB9buXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5
NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHWYkQAIFkqDNJ+0zXFQCYHGKTrWBB
Az0mQDOdIqDdpAOp/DQI6a9akQ2Yop9KX4Pl363JpgmtsaeVesvBd1fPWglUQyow
g3eDhC8/aZkLmRB4UQyokbNWW0c+rrvRAOxHuvG+3EdCb448LAQoUl5wUlp3tXrD
tRqHE1JXAPHoYIIzt+YxxYvqRm8DKe5Ch6WOjTShDWGx9Ev2a8PpH8dfNABYTRVJ
ewmLysMgkHT+u35HFd4gtT9dc8M8kawnFTJK0KqsB1YEk4jVGdKkfBXlKzPXVvCz
v6KL4p8YWIHJmUeVXwhdtN+FwC4GuV8ZioqxNQOYeNJo5gjzmUgdqafisU1PV1SV
ZoXFZ04eRxEbCjAOlELc3N5GFPz8mLmA9SD6tmv2v9EYXsXIlGdXTNjyIrvH0YaM
oa4XHlONViG6nQsne5+LCwqWkeLHlcfo6NpFQKL+1Z0R1m5Woi6rEHBb/rQSLW6g
G2E1B/WVXa41ylP/5hsWY5+VTtiDYe1MgGO+qXPTYAnpQmjX+KtdAeLPSKIsC9FF
mxka92o2SJnJT+69lzl8fqGbm7B/2ocoC5fMIR+BQbcFr1XhoaJYJV8hoMwiDivG
s0NXVI6uzhy1Ox1tog+A0OBdMnM9d4CoKV2zsaWTIyTZYoe+xlEAVqiU1miGJ0pE
DjzCA8jEfkVr6Q/dwUkc
=TQl+
-----END PGP SIGNATURE-----
Reply to: