Debian-LTS alert DLA-686-1 (libxtst)
| From: | Emilio Pozuelo Monfort <pochu@debian.org> | |
| To: | debian-lts-announce@lists.debian.org | |
| Subject: | [SECURITY] [DLA 686-1] libxtst security update | |
| Date: | Thu, 27 Oct 2016 01:40:25 +0200 | |
| Message-ID: | <86743279-893e-1840-772c-1dcd6c580373@debian.org> |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Package : libxtst Version : 2:1.2.1-1+deb7u2 CVE ID : CVE-2016-7951 CVE-2016-7952 Debian Bug : 840444 Tobias Stoeckmann from the OpenBSD project discovered the following vulnerability in libXtst, the X Record extension: Insufficient validation of data from the X server can cause out of boundary memory access or endless loops (Denial of Service). For Debian 7 "Wheezy", these problems have been fixed in version 2:1.2.1-1+deb7u2. We recommend that you upgrade your libxtst packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIcBAEBCAAGBQJYET7oAAoJEJ1GxIjkNoMCAAkP/3t/fr7a9on+oQm2jkeOu/i8 kIaJC2iDoWF2/YliCuZF3K4z8Y6BALw8t68D8pXGTA2d72Hxk4E6d0qbkVqEPab2 zhX7BwaiApbxDZdkJfeX7aUML0mtmhg8/zpGsZEySEEw2yjylHr+ZThLY5ermG+s fn7BnvSMpkqGVsWtx1vlEAaTnQHngRqSjNyferdmWxSDVVd1JgKNcicW3q4szb/a suBs5EOwbbNEqV9QEDB8iDHHye/9eob6MJbbSNQamUKSEpdM7hSTYbg2jQqRJlOo 2DbdrPKYbl9rb8miFVfH7avDaePOiYW96Fb+G+n2xxILdm6mv87yh1aFQFdag0oh OPYgGw37d2zYUA9hRJqTiG3mwevEGV4FEENIC+3ZA2//xGi8yd/bQip5PB8Ahz6v gEPuK6FWXRwTE85xbh67StllIhjlh/NLfwNpU4j2ExIFuXGeF4JJQF5xJDV1iktY MAE0B5FBlVmq5/4TNvRHiki9noMVTrGx0T5eAMDdVpB31nZ91jzXV5hNRTq4xkdg ljeIoQT/zFqjqr4MzeC4BgKev81rNnF1GZr6cOgaNkz+so7prVa/KLhSV5jDzcWE AYjkMhMxQ4iTcM8yUh7zFw3JApwPr1AEjgDkbQFsXw0FdD/ugoE2iTHx6w6klM8y QNgNhtyiukq/Uwy7fOxZ =tGZ/ -----END PGP SIGNATURE-----