R: [SECURITY] [DSA 2916-1] libmms security update
-----Original Message-----
From: Moritz Muehlenhoff <jmm@debian.org>
Date: Mon, 28 Apr 2014 18:47:14
To: <debian-security-announce@lists.debian.org>
Reply-To: debian-security@lists.debian.org
Subject: [SECURITY] [DSA 2916-1] libmms security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- -------------------------------------------------------------------------
Debian Security Advisory DSA-2916-1 security@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
April 28, 2014 http://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : libmms
CVE ID : CVE-2014-2892
Alex Chapman discovered that a buffer overflow in processing "MMS over
HTTP" messages could result in the execution of arbitrary code.
For the oldstable distribution (squeeze), this problem has been fixed in
version 0.6-1+squeeze2.
For the stable distribution (wheezy), this problem has been fixed in
version 0.6.2-3+deb7u1.
For the unstable distribution (sid), this problem has been fixed in
version 0.6.2-4.
We recommend that you upgrade your libmms packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBAgAGBQJTXoWvAAoJEBDCk7bDfE424hkP/jUv5rBxjQmzJPaqqfzLAvDz
Zz98k1lw5+BoXBlWF8OiabNm7oVJYGbJOPwFMwJXnOWNvY3g8PvSn332mefXnyqC
y2cMnyLR3OBMe7XM3dQZbKveyVhq7a1lrig002+Leihihcomlq/1BE+F3mrTpix0
nbWMW1kliXG/c2IpHprJNOdNMGZaA4+wtHrBIvpmJ5B3zw48YSKpq3TvuvsLdYr8
BzKzdcF0nHQ7oRpSKnpuk4IEj0cWKLkt8oo+9LCQS0UwW3vGg0sx5rqZpbGIOLyz
a88fDOJGTE8EnNz5svuYNGcK1Rp6ovGS0e7OFt12NEjdZuGF96n7bIoonx4qO5Uz
4SChgNqC8pCpCqMbBfn79wpkSVijak7MYpb4IaHtTPRm2bzftj4tikms0HUZmkZ7
apXa0t+3dFqMCNWJRRitu4q3XAjahANhAUtfeec6kYkVhMxM5hz5IZqOy+VmkvJr
cX71dH9oRV6mzyMyPUGG6gYtxGwcCB0fcdISx6P0yERCrcIU8+yndOKaS6vu6eQR
VoiKkPmYFrM67DmkCGttXS91m1flTGgSz1u6228Z/tnE7BNWKQuGsiAGnjF7tY9v
ndcgJ2kQw+hkS+KLaqZX0iLw70vqOke96djlxGU81a16Z9us+3sh1SbE55Qm0pZe
1apUKqp4U8tlwdHwiRZ8
=ESif
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to debian-security-announce-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: https://lists.debian.org/20140428164714.GA3373@pisco.westfalen.local
--
This e-mail (including attachments) is intended only for the recipient(s)
named above. It may contain confidential or privileged information and
should not be read, copied or otherwise used by any other person. If you
are not the named recipient, please contact the sender and delete the
e-mail from your system. Rif. L. D. 196/2003.
Le informazioni, i dati e le notizie contenute nella presente comunicazione
e i relativi allegati sono di natura privata e come tali possono essere
riservate e sono, comunque, destinate esclusivamente ai destinatari
indicati in epigrafe. La diffusione, distribuzione e/o la copia del
documento trasmesso da parte di qualsiasi soggetto diverso dal destinatario
è proibita, sia ai sensi dell'art. 616 c.p., sia ai sensi del Dlgs
196/2003. Se avete ricevuto questo messaggio per errore, vi preghiamo di
distruggerlo e di darcene immediata comunicazione anche inviando un
messaggio di ritorno all' indirizzo e-mail del mittente.
Reply to: