[SECURITY] [DLA 1501-1] libextractor security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 1501-1] libextractor security update
From: Chris Lamb <lamby@debian.org>
Date: Tue, 11 Sep 2018 17:14:32 +0100
Message-id: <[🔎] 1536682472.431441.1504447640.1784CDBF@webmail.messagingengine.com>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : libextractor
Version        : 1:1.3-2+deb8u3
CVE ID         : CVE-2018-16430
Debian Bug     : #907987

It was discovered that there was an out-of-bounds read vulnerability in
libextractor, a library to extract meta-data from files of arbitrary type.

For Debian 8 "Jessie", this issue has been fixed in libextractor version
1:1.3-2+deb8u3.

We recommend that you upgrade your libextractor packages.


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAluX6eMACgkQHpU+J9Qx
HlgpVhAAhkbsubNaKHbHRLEREQcKWd+Sk062KELigNeM0ojw0IytiLtZti8J0uAU
3fiO9lDntx9lgDeWJHMgaRcKjCpbG/8+QOMC6t8j5MlFDFa2xFSpFHWFXnSYdj6Q
CvosYHjw6j+tKq/Li1hG43sRynpYhYWUPYQmOYxvZZmHTaIm9f6coI0dhlEfenGn
zv4LF7p2zEehRNi0CdI9djZvQWKbc5+3eeRYXUnZNKB3oOZhSnGrIILkZtgwOfIE
osh9BUMo+7wkDzVdgE7QhQcnRwJV/Q7UGmNTSbiRYb+Edybaj27RMMcjTX2TAS+g
Dv8A5I+dC9fnPSSFnGjP1FIhooMvnNrwN+gY27sjTuCl4UwmM/NaRxWQ4k6s+p5k
wH6sVHQS+iyVqflRkQT7stwDYfyOA9E9iOJKfL7qZEXkqCdBCVdR1uFHl6YjnES2
bc5mOfiRo/S6icFV/yM9Iyql//06mJOJ1xzaV1tylG6sJNyiWMN7Q3qaQiTwu8mG
wmP07KOsS+g2VfxGx1xOBfyWtJ4OD3witFZo8kDbhPBYO64x9TRNsiFWfc9FeyKm
2YqLfVCA/4TiximqvvKVPGUuOrsfSmmndrveBZx/h63SP/EVl/VaKwFhQpgvcaLH
DpvZG2cd3h/odYAI0P9aq7TIm/iSz5lMoRQpVYYWaFmRXPV6tfw=
=ynVz
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 1500-1] openssh security update
Next by Date: [SECURITY] [DLA 1502-1] mgetty security update
Previous by thread: [SECURITY] [DLA 1500-1] openssh security update
Next by thread: [SECURITY] [DLA 1502-1] mgetty security update
Index(es):
- Date
- Thread