[SECURITY] [DLA 1951-1] libtomcrypt security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Package : libtomcrypt
Version : 1.17-6+deb8u1
CVE ID : CVE-2019-17362
It was discovered that there was a denial of service vulnerability
in the libtomcrypt cryptographic library.
An out-of-bounds read and crash could occur via carefully-crafted
"DER" encoded data (eg. by importing an X.509 certificate).
For Debian 8 "Jessie", this issue has been fixed in libtomcrypt version
1.17-6+deb8u1.
We recommend that you upgrade your libtomcrypt packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` lamby@debian.org / chris-lamb.co.uk
`-
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAl2eTgUACgkQHpU+J9Qx
Hljq7hAAvPVyKHaD1S3flhSjdc/AEFyTyjTgiXG5EqsVttXIfH3xjthQzRcrARJt
QQaZjkCuiQMnxToet/ufO9+z0ltMNur/8gYL8OapDRBcs5Y+R/gJcbPC2J2vzi27
HN58v7TYD+n9aZ1I/wzRkucgC59zh0bpQrgyKHOsnR5SqJws/l79B2g0Gzd+sY8r
2HiMltYcU4aS2399G3ZY1bwrTLWAGhPaYGqv1qdnHmwOg6ioGobGP9PZq/oGqIzA
vobvxDFpnnw9BojP2W4jmaw7PeturxpP1/FRgkt5/fpdEr3iY6CPuGG2vwSpfdaq
xA9DOyqHttrwthUMadDcVhsikg+tIX09oVPIZD/701ftQJufW/pVGCffJugKjk0g
uHN/oYhTK3E6PrpxrLCoqYSFz4ZQgiuG6h+LwMieJHIXRhQotsTJiEGfnfUTkC3c
c3H2dI2ygy/c5qSUMk3jZFohrJfpYoFz74phKaerG71V6JhVOqdWdI5GRorBhm4H
Hfl1ZqtCgWGqy6f4PBDZtU7YwX7qhRiTYQ1KHpNgrBqE/joiJidYO+xofGJs7719
GBtE7ukPRcSJmLUo5a4vt52uL22vqGmC/4U9zIu2pnT80PMQmJBaZ8cNhetsK9og
M8O7fMQNdwS1VwEIHj6gBOpjcCoh269J93+DD4fr+EwNb+/Pqt0=
=FiOf
-----END PGP SIGNATURE-----
Reply to: