[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 2100-1] libexif security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : libexif
Version        : 0.6.21-2+deb8u1
CVE ID         : CVE-2019-9278
Debian Bug     : 945948

an out-of-bounds write vulnerability due to an integer overflow was reported in
libexif, a library to parse exif files. This flaw might be leveraged by remote
attackers to cause denial of service, or potentially execute arbitrary code via
crafted image files.

For Debian 8 "Jessie", this problem has been fixed in version
0.6.21-2+deb8u1.

We recommend that you upgrade your libexif packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQGzBAEBCgAdFiEEeDb9QWtkMa2LX4zREeMFjl5EGkIFAl5BZVIACgkQEeMFjl5E
GkIgNAv/fEKz4nsXhd8E3BMfeuMBKS/mdIem9sfXr4wdl7sddv5zw4VANygkQUFE
FVAIN1xLl5XoZujwcgh73enMjbwOvpJaGeGe/P+BxhiNu8mpDW6hYwuQKZuE0HB3
OlZTLOtqGthzdqBoh8hzmnpAXjT8SYqi97RMGy4SdSKUdwhNdIuhkCBiJNN0/TxF
E0TriZlqL2X6o4g9Xd02vSlJ11MBIfgH9RMl8NUd/hF7l5fXS8S3V27XGmywuQWi
YT4o24/9PBg9CutryfCEjNs/g8QCjZno0oTKet49gmgf1pRWzMIYBupFdASoOQk+
mOSPQxSYwrWXwt28zlvN9ZQT/7MQ9bBq3nm9BKMSus+5Gjz6iQ1XpkSlf0AETI2Z
qFHzktdDUExf+8uwJA6LWlp50mzdy6GN83DcJgEkYZH2D02GW0npp9WmcfnNgKe4
+kqWWo9pd0dptkPqp9/oLZuhcSSjNjGBSg5hOZYGIkc1STyofFbAc1qJz6kGTt1M
LL8x8JtA
=28Gp
-----END PGP SIGNATURE-----


Reply to: