[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 4023-1] libebml security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4023-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                          Adrian Bunk
January 20, 2025                              https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : libebml
Version        : 1.4.2-1+deb11u1
CVE ID         : CVE-2023-52339

An integer overflow in MemIOCallback::read() has been fixed in libebml,
a library for the EBML (Extensible Binary Meta Language) format.

For Debian 11 bullseye, this problem has been fixed in version
1.4.2-1+deb11u1.

We recommend that you upgrade your libebml packages.

For the detailed security status of libebml please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/libebml

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmeOWCMACgkQiNJCh6LY
mLGm9RAAnexTAwvmOvVce/D5vMMW6wlFTYFFISr8G75ksmHWUSS/NGoKv0OsqSNp
B3yqkiaOpr7aghwUChpB8bR13IVyl8CuLldbCnz96OVY3YwUmMtLMOOkAYxxxq+C
EOYyhnsaGkyx7xZ4FoeT3QusuP0/q79V09zLQZ0xvrA9vjiZvaeX2TjuZdJiLN1y
CP/92Ciznl/q8jmcMd2RZo2sVE7ifjT2xFMbW+bfSNjmDPxq26hwszKRVN2NtYpF
unw6NAowq7eR/imIth0KJ1cVT+EizHGR/rvuL+MPLt5zKyZE5YtMeni/szp2abBz
8pQ945MTp8dvwzZttNOfr9cDUbHAsa05GRp8sdbxV6SbfQbCv2IUuLkqtzX8no4o
kL2k3sdOFO8CzYYy+QYZaEJA7BHsWjWAmIgGYtkLmhTo4BVyvDb0+Fnv8SQMO1Cf
LudEFbwbclBsKoPdHoGSFkf26TW+QRdgLWMzJ/YC0bRliVCarNl2hmRQYY8HPiJr
ZEQ5XINU0nexLylHlkfZKgxhqJYQuEsXsQ9peYPoFMNZ9dnEwJpzHLFOEZsHWEXv
xKuQvyHrDc1dsE7EgiiaFojfbHDB+dxQwCa3Oq0Fp4vcNxTK9VAx1stBwvjmpAfM
Sq7VGT3J2sscnBGBg9KPLA/4hcwIZFkNXx3XYTUWaF5Q24OT/jI=
=7UgL
-----END PGP SIGNATURE-----


Reply to: