[SECURITY] [DLA 1134-1] sdl-image1.2 security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Package : sdl-image1.2
Version : 1.2.12-2+deb7u1
CVE ID : CVE-2017-2887
Debian Bug : #878267
It was discovered that there was a buffer overflow vulnerability in
sdl-image1.2, an image loading library.
A specially crafted .xcf file could cause a stack-based buffer overflow
resulting in potential code execution.
For Debian 7 "Wheezy", this issue has been fixed in sdl-image1.2 version
1.2.12-2+deb7u1.
We recommend that you upgrade your sdl-image1.2 packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` lamby@debian.org / chris-lamb.co.uk
`-
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlnlK/UACgkQHpU+J9Qx
HliQERAAqadkNNkA7Uz984wM1nCKkJRw9D4FSPd+ewDSxAPGpbfrUIEjUvFNRzyY
86MrmNOoGKBi6qEy1eqdUBWCHZcXRkGdQls1Gptc1piuDgpCAbhp5zhK5jQv6Su0
qMeH7dh7+VQJgjUY8XpeY56J65P1xE6DTWz0u8ClbtKepB/XwPC7vKJVOcg0pryw
Esqk0MvYzzc3hqYkrIx930gmNhSr2KpRsDKP/qrmkouFzMwfb8Pkft9VTnIpEoM4
NfXQ8EUVRmqgLSRzzs6wy/DsRKRVY3QwFwhsasPYeTm/KXpsLXFl8JZo0QZNxL6Z
3kLZcvKXrvMsbpN6ZRMf2s6BDPGOT+rP+SC9oqv3C9Ei5uuNy0+dSiFHaEfzp8fc
rG7eUPEw3a6KfosyQSOBzWgxB13flOL8Tj/R28gtnZ+GXivk1yXevJ5/+pnvA2St
YoumsQuyXL+jeqfZEGQk/M37FEt7CjMzHHda7X1nZZNQiqZGK3Ov1d7aa6jEK5Sg
KBIv19Cuog42Bdkt8HZ4PCWf25XfkTkji49ooPjY6V2BZsyAn+Z6VL3TPmYi4XBN
EW1VIDB9r8IYSzjQxxGZcTOu81nAqW+q3W1IdO3kwCbtdZ7et6e5H1KyEmvVRz1P
S5a0RjwCXzZtTVig1wuMVxMM7Iq9UfP+agF0WgU7IX5VpuEk3L0=
=a4xk
-----END PGP SIGNATURE-----
Reply to: