[SECURITY] [DLA 1653-1] postgis security update

[Emilio Pozuelo Monfort <pochu@debian.org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : postgis
Version        : 2.1.4+dfsg-3+deb8u1
CVE ID         : CVE-2017-18359

It was found that the function ST_AsX3D in PostGIS, a module that
adds spatial objects to the PostgreSQL object-relational database, did
not handle empty values properly, allowing malicious users to cause
denial of service or possibly other unspecified behaviour.

For Debian 8 "Jessie", this problem has been fixed in version
2.1.4+dfsg-3+deb8u1.

We recommend that you upgrade your postgis packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAlxTQScACgkQnUbEiOQ2
gwJzcxAAnMS9Lq/M2vU3GfSO0WPqLZayL5A/772xLDdUKRHGBeMnkt/ZArS5keK+
AGok/rrhlEQBQLCgWsYFpdL/dQoPbYiNBrxKGSnDpw5oBkL5hUHyMQxZWc9JFFA5
o3qypOEzKOYgWmYmwT9be4MraAYQ+q9/UhHlTpTOqx2GPEEVnuAZ+80ImsyJ8To2
kuATuPowTSmE+MDdIlkR7xV89KkA7NY9ZAZ3JBboESiLYg3o8bXVQNtPrlBogGB7
AyUukdx7PPN8XPvRPvFwKr9+uQr4vDJRusLDyK8C60mvt8ONXx0TVIOeHXBfijqR
6kf38a6LAffMtEYJFztnoZL/xemUjTNFSUgy6I40DD1MC7MYEXJzF5XUk80v73R1
YxmJdht0W3bDbRy7KsUVtYWKExL+2GCPapbZZ3iMOmCma1Q9jvOqdTV1BOHfoINy
AUIEG+jPGhyDaTAETkcUAVKPZr6BrIm9ifplxJ4RVpQLLCnwr5Zrrt8H93bk9o/h
X1F0YP3wkb51Kbo1/CPKhuWxSgR90hEyxRisajshFbcvVy1E3NYThpiU5QNQyFiM
jQCn/tX0ezK+ZF/GsH3jR3EyYMcNeVpYSt/YedAp0QzSzAP1tYXuJsG8K/AEunhp
EmX8NwraNI5kIoVuVM1EZg3Gk7Hv2xXKal5ROdZU6OPrZXiA3HQ=
=LiQQ
-----END PGP SIGNATURE-----