|
|
Log in / Subscribe / Register

Debian-LTS alert DLA-688-1 (cairo)



From:
    	      Chris Lamb <lamby@debian.org> 


To:
    	      debian-lts-announce@lists.debian.org 


Subject:
    	      [SECURITY] [DLA 688-1] cairo security update 


Date:
    	      Fri, 28 Oct 2016 20:28:55 +0100


Message-ID:
    	      <1477682935.231401.770603625.70DACC8E@webmail.messagingengine.com>


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : cairo
Version        : 1.12.2-3+deb7u1
CVE ID         : CVE-2016-9082
Debian Bug     : #842289

It was discovered that there was a possible DoS attack in Cairo, a
multi-platform library providing vector-based rendering. An SVG could
generate invalid pointers from a _cairo_image_surface in write_png.

For Debian 7 "Wheezy", this issue has been fixed in cairo version
1.12.2-3+deb7u1.

We recommend that you upgrade your cairo packages.


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

-----BEGIN PGP SIGNATURE-----

iQIcBAEBCAAGBQJYE6bqAAoJEB6VPifUMR5Y+5oP/2ezQVJZN+FOC3eM5LARKJES
kEZCuASr2nGuregpTgRjLr4LWtbF2MH2ISlzi4L1uw/IIljS43xC1Y+htPR09NME
SsbC8qL+3J/qUpNOBqF9+NnTVVhuAiwBvV2JFiXxNCX/V2TFe/tDz0MPp8f7YenF
1WQy4Bm7/29BekYmSwnED+KM+B60c7JbsQMpS1VnJ39/DM0r3Euoen4BCHKwQ6ph
2qRbhW65+IARGheT8gSW8WZSnfM/788zZzqJJ+bydaYz/C9C1zA1Cgc7Z32mr9SP
/GKybQHbl3KGzHrzGxxjLuJelBjIi/BGtc0mTzZfqQKTNku4gq1F+0PmmWHV5FTJ
Rb17mmJZ3F/HHVeyBR1N2s1jVzL8SltdfbuFO13WsCbd1PAT072R6sfBZ9zvl0KJ
gZcJQLUwWU8G+AgsksZjEJZbyPAEGped2t7kEx7mu+792FTrqOXEJsfsRm24yko2
vny7ksaytZvT/T8H+PibZ0XLynsKpJLutg+6bHDmzaQuSlS94aOcGCQtxwqUARr3
2O9K2KuixR697NnzFDaitQt5I9DZ8QbIhf2bwTvNCMKUiS6EhJmzfC5alE6M6vS9
ZbXM4lgGgUp14WVdSZ7QV+NiaqgGUBp35KYx6kuRe4bA9+RK7vdoDxZMG8/dbP9l
Znaxec6DgUXuJJ5/CZO+
=hMut
-----END PGP SIGNATURE-----
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds