[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 1185-1] sam2p security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : sam2p
Version        : 0.49.1-1+deb7u2
CVE ID         : CVE-2017-16663

It was discovered that sam2p, a utility to convert raster images and
other image formats, was affected by an integer overflow vulnerability
with resultant heap-based buffer overflow in input-bmp.ci because
width and height multiplications occur unsafely. This may lead to an
application crash or unspecified other impact when a maliciously
crafted file is processed.

For Debian 7 "Wheezy", these problems have been fixed in version
0.49.1-1+deb7u2.

We recommend that you upgrade your sam2p packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAloVyoBfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7
UeTzTxAAzZ9uL4NQ7sEB6PekiP+u3kepzQyWqpct5X8Um2LtWB8jPYhF+dlze5Mq
ZQVgRR/sqG3e1V5DBU/oCtbIz9dGRyew/K88zlDJb/mv92BhwPbOZn0hgdrE1Mn5
oMShpwhtICmM3+EhgIL84z2bla01x2iYCU09oo7Q8/KXBggNLr5TXaN2Qc56pNeD
wT1HUBGvSwB9Evxn1Sv9AeQY2vIe43ArlMIojJI5LoPOzCy+q9B/C6AvvwWusAfS
IvUW4sdXN6Gsgh2cgeRieKqnWD+9Sj3sSlQq67nD9aigk3MhrHOGCHcPlYR3pqWd
/ONpzXG8SWhm4/0/0EGveGvZ+8KMtAdJSSihhqS2ZF7sYWQS4NaA7/Fev3baz49t
G1puuWe04Jtatc6zmZ9pplXTJWpHXyrnSbSqGRTadeU3c3k3qIrI/3ESu1jA6QdY
KXtB9bi7/mT4cbYU2i4l5w0f3mNRNTDKgBp7wdzHEWuu9ov0fKdYHVicxJmvwJqA
kdVUEV2fyFexCFrFn+YcMIb7DZOYHAulL8F6Pdi9C4xwBkvXqUy/9o6Y8BSDiNjs
6RUQw34DAo9euYVaYkwXZGL58XbifFzTrr/nQWSK45ic/FoGQqUqBpsKXQUuBC76
yJQmOAwt4aUl9//0ptz8CtiQoTulOVBzdYQKXPRddfPODBZHOBQ=
=yFdP
-----END PGP SIGNATURE-----


Reply to: