[SECURITY] [DLA 3784-1] libcaca security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 3784-1] libcaca security update
From: Thorsten Alteholz <debian@alteholz.de>
Date: Sun, 7 Apr 2024 08:42:55 +0000 (UTC)
Message-id: <[🔎] alpine.DEB.2.21.2404070841270.3443@postfach.intern.alteholz.me>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3784-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                    Thorsten Alteholz
April 07, 2024                                https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : libcaca
Version        : 0.99.beta19-2.1+deb10u1
CVE ID         : CVE-2021-30498 CVE-2021-30499


Two issues have been found in libcaca, a colour ASCII art library.

Both are related to heap buffer overflow, which might lead to memorycorruption.



For Debian 10 buster, these problems have been fixed in version
0.99.beta19-2.1+deb10u1.

We recommend that you upgrade your libcaca packages.

For the detailed security status of libcaca please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/libcaca

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmYSXI9fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
WEftSg/7BjdPzQHgr4mQ+bczR6C8aez4+t36XkWfAsoTwoB9EhaYs6Qc1Yaa2FVw
AU41xIxB2RKRGptz3aR6fP2mK0AqrX/kAlRGHYKAmBy6rgoTMOMGCVaPWX587TiD
LxPlkA/tra80WIytumQee91LCdNy8ts970dYXD9CH2AzL5Ck2CLJntDRZq865er+
KdnI37nx+TvJeaM2ADSX8sNGqJgDtiio9XsuACkcesCJfteqxGzaR/A3N/wH4T6X
JmNtLNN/ApenryHaBFm8vvGurpGdK83nEbOIaMg7FLZkBRtRMSq6TmkW0gAPdIKZ
ScTgv1aoluiA67fH5RVxbp3v3S4tY/FMOFAU/5mfHoaPIWlSOcgQ5g9pALVJAPY/
OxJhSywxQtt1/+G51xBh87/hXkOcm39xT7RWBhEhw+vhL/iEccP9IJlZhAiyY5JA
xisCEoI7HyV8zAfLurucM8wG5rfFKbswk+D794zGY3UnaE0At0LNt9K1ZkASQ5Yn
Fu7N1JUECSOrl1xg0LUgiQdIG1jpOthmw3Y+5S/TvesT+aaQGquK6FHq02EsWrtl
jQWtsTEYt5IIVustpD/tIJtXKwMK+8/u1S2O9+enqpeU9h/NBYcA6mzZ1kUU9vUs
j3i7DJR+K0akk0PwPbVlvYETUnBb2Xh1uTM4amE9m8jadx18WV8=
=VMil
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 3781-1] libgd2 security update
Next by Date: [SECURITY] [DLA 3782-1] util-linux security update
Previous by thread: [SECURITY] [DLA 3781-1] libgd2 security update
Next by thread: [SECURITY] [DLA 3782-1] util-linux security update
Index(es):
- Date
- Thread