Debian-LTS alert DLA-685-1 (libxi)
| From: | Emilio Pozuelo Monfort <pochu@debian.org> | |
| To: | debian-lts-announce@lists.debian.org | |
| Subject: | [SECURITY] [DLA 685-1] libxi security update | |
| Date: | Thu, 27 Oct 2016 01:40:17 +0200 | |
| Message-ID: | <3c888401-75d0-c367-06af-1a72c88c4a64@debian.org> |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Package : libxi Version : 2:1.6.1-1+deb7u2 CVE ID : CVE-2016-7945 CVE-2016-7946 Debian Bug : 840440 Tobias Stoeckmann from the OpenBSD project discovered the following vulnerability in libXi, the X11 input extension library: Insufficient validation of data from the X server can cause out of boundary memory access or endless loops (Denial of Service). For Debian 7 "Wheezy", these problems have been fixed in version 2:1.6.1-1+deb7u2. We recommend that you upgrade your libxi packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIcBAEBCAAGBQJYET7hAAoJEJ1GxIjkNoMC+VUQAIWEXHKkKDvnl3ASNQGDxJFN CGVdFwcVJ06soCPEnujetbEf4jML9ErHRImE5Nu5Vcelf07Qi4s9z0lRpgPE5Qun +9TCWUkVfwj6meaZehmLEaDaEH0Eieh+RuaSYSc+uXvbAH5uaFnLVtZDQ6x+/gNs SlTYRRjm9koY7r0akAmAKQHejbj4/VWWopYJeQ032q7eAidVNACcVGyEm8QUCHIm N0t42KKa1d+/38GXk7Dsz1tCbQQa4PFy6J8XsNo9MZPdMCvbk1RmpLXDOWyZZSUX DG5CH+ActnWHPTwxc+qP67l9T/P893uzVQuybqgDnZjzFtabvHRwdLBqKUp+rPyM sxTUIQ3CaOpbE0pxAzp5Qsm/AxnGJd0H//EwCnI/1HuoX4jVBnvsZ/fR6avb4rp5 eIem/vpfZeHtxWhCLpJTEpWohubWNubMkyorScGAM185hNWWX6tlkdp83lmfbJZd /nfrsFtNLxjKekGHaCGV8cnwpFYaLecH+YkNO+bNnlZsp3UV+NE1RE/DevvktRn2 fJSBrsxYbiC9Lyfb6vLag4oPcemrwL09PtojZP4Q4ZNtbRczYl+a1AMCM7t4qfZp Ivq8yAKGEBlQfLVMVihfimAzmxOTUE4Xrh9ded3zrpCrpVAoSWBdReHKlaSCwmyB 7pOOqRDR9N7EHhCW5KS+ =viod -----END PGP SIGNATURE-----