[SECURITY] [DLA 2220-1] cracklib2 security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Package : cracklib2
Version : 2.9.2-1+deb8u1
CVE ID : CVE-2016-6318
It was discovered that there was a stack-based buffer overflow when
parsing large GECOS fields in cracklib2, a pro-active password checker
library.
For Debian 8 "Jessie", this problem has been fixed in version
2.9.2-1+deb8u1.
We recommend that you upgrade your cracklib2 packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAl7KspFfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
WEfysQ//SKzwGeOsU14JIcJUFAlKMjLvlWOjftfkKI4zUwGK2dlwFzwVmoKJq7BD
A3OkDT2BXk7RFc3yB0ij1i2NceahaFhyYoXL9fpdrGfQPzQ6qvZJ3hbfaDZpk1HT
92ue9KQo8i11iRPfOWqrl38GBJRGPntMutt3KaHVvNW2StdDp6MYb7+wVgSSqjWg
PCqDijgOsVCRpjpO7+VT+ayGI1Bh62K/An4NU5N6T0k3rhJSubdiEWdl9OfzJgDf
cusCdj4Xsn2QliHANM5sa9vllOaBl0yTzbXi95tShkUtTWzy64t96R69ulvcWn6G
YCqioTmXp5EUBDjSkk3hru6JnzHkLlusjGimTLAeMTRm4wrU3DN7Tg2JeqS5jcHW
vm/V1x5jgfnW6ju+LIA1JZFDCttWaVVtC/2k3Md6CAjnjr2BdWkn7XyQqDX2Tirb
jX5P36cZlP3tW0XSBoK8FObcWcF4wbM/IDKX4oqppj6z+6s9caUXCL3NvHOiDwk7
TZ5inuhRhW1Mqs7QXBnCiWkWT5M4KsZVT/SlL4NWZUo7LHkPfESBsQ6AYqY54R+K
DwpZfF2aj0WZ+MmZBfSvdv8fljfkIee4oECQ5Z6iDlNvg1iWd8akfuh010SxRXAh
v9EvWVerhWE9T4ZKWXcXogFPIDX/PGDtvvjVcJ/Es5JRHvV1yqA=
=gAga
-----END PGP SIGNATURE-----
Reply to: