[SECURITY] [DLA 997-1] libffi security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 997-1] libffi security update
From: Lucas Kanashiro <kanashiro@debian.org>
Date: Wed, 21 Jun 2017 11:52:37 -0300
Message-id: <[🔎] 20170621145228.n7h63vfkvkl4gyq3@riseup.net>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : libffi
Version        : 3.0.10-3+deb7u1
CVE ID         : CVE-2017-1000376

libffi requests an executable stack allowing attackers to more easily trigger
arbitrary code execution by overwriting the stack. Please note that libffi is
used by a number of other libraries.

For Debian 7 "Wheezy", these problems have been fixed in version
3.0.10-3+deb7u1.

We recommend that you upgrade your libffi packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEjtbD+LrJ23/BMKhw+COicpiDyXwFAllKh90ACgkQ+COicpiD
yXw3fw//Umzz9sWxwOpmHM5uablOAYtS8DHIVmtBWjt3eHOqH3Vq7YZxPmRqs8D+
sNhOuPgPUOA6yVfZWg7QFYjQON2T5gMFlrvIF35CRLVITmC61pzhh5r+43OVnTLz
aCT8bEa3MpvyZ0smLdtLENiv0Vjm173y8DxFgWd3jjVfF44NPGeBZVFJU/RELuX3
GSbTtubCVjXTkXZADUj/J+FCf1yXxRnUeCbcEfv1EOn8IJfydFY4ttJmFKi0LHXp
F27UiaHhDtqVXDVHPLrCrmAmAjQOm+e1p6CQIB0E4gXP9J4yOY84WZAR2RDqQe/k
URPzEBoYx49F3GUoEgTOT5FffE8PaiyUq9MBnYZKTapjXbNzLbN9uBTS6hjSXfIP
YFxI9u8a+kCcc7CwQ39sczo9UKJkXwlj0JnVkD16rM2TiiiB3dLHwge6mT8EcBX8
Svg9bd/vBGBdY7JoUgjhHW9pekC/m9x6qxXo6u51MgH+YgiDtaXtzl7R5ollsj5c
K5diLZRq4LmVjakI6eVWr8N98r1JAzNH1PRUbp5Ij3amlDb9eenoQIBEpqBsadyc
j4v80yq9JJJxWuMw0Yp27BJwNgIP+sVpAk5DwpKixMTAnTIXVQPGNDJVyA0YSQhM
7ytoNcquthyQ1pjirLLmSzrq+Dj5PtVsTol6YhODRpmz6LMUTFQ=
=EZet
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 996-1] tomcat7 security update
Next by Date: [SECURITY] [DLA 998-1] c-ares security update
Previous by thread: [SECURITY] [DLA 996-1] tomcat7 security update
Next by thread: [SECURITY] [DLA 998-1] c-ares security update
Index(es):
- Date
- Thread