Debian alert DLA-1631-1 (libcaca)
| From: | Markus Koschany <apo@debian.org> | |
| To: | debian-lts-announce@lists.debian.org | |
| Subject: | [SECURITY] [DLA 1631-1] libcaca security update | |
| Date: | Wed, 9 Jan 2019 23:25:05 +0100 | |
| Message-ID: | <7c3b01ff-f0d6-1ddb-8aca-96586e092eb0@debian.org> |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : libcaca Version : 0.99.beta19-2+deb8u1 CVE ID : CVE-2018-20544 CVE-2018-20546 CVE-2018-20547 CVE-2018-20549 Debian Bug : 917807 Several vulnerabilities were discovered in libcaca, a graphics library that outputs text: integer overflows, floating point exceptions or invalid memory reads may lead to a denial-of-service (application crash) if a malformed image file is processed. For Debian 8 "Jessie", these problems have been fixed in version 0.99.beta19-2+deb8u1. We recommend that you upgrade your libcaca packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlw2dMFfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7 UeSHzA//fPpirEs2ISwGV+l1p3A7eWL+eRwe+jUKye9dbKtaaGEvDejXrZ76jJ8i F2rmAbt7Wf/ScnfaqfDIi6V2lrbrJzvraTocYEd9DfW7lgmdc5RVEmmMyZhfbcsh Bd8mcFNqY99qD+TchFvLFn3rtPWQN/bAdva/n39PwtLMVbeSeIjfKtC9CLtylwme Iv8Lik3gVzspF2U3EZylwGohciESvYGKYakwWlUGEb3Xq7PZzLz0ki7sg0c2G0Mx GC+IdND838fT9tzxdMpJsBr+dWZTcStua6UE5wmOwUhEMfog7iO9BI7UiygloWk8 P+hKEJhEAwxIuWTjpgA2QTKBg53H9YY2grckWX7PV01tDOtk61MnxywHwaDbe5s+ 8g4S6Z89nnyIJYcPSdEKwaeXvbw0qfrxxZrir15v/rqWHtH1xZA4RZTYU5QnvpbT XTmn8Usz7RRI4oV4lrkPJCBozYc41Cu0nbS2KH7ofbssrJ+vwYK4bdiK6JEOQPW1 3CbxPmcYFUXhohMlmO+ugqp7Gt4eOgb1jpooj59M0fbIX+vtMPd6EKiErKvVA6UL WL+YVEQJ/+v2I7AWJBUwcaL7JIAwtu97PjFzkz7uw375eMTeMGoEM87vulxnRRcc KwSPYuNPQRkx/DawKM8i3oUa4S43++q6nj/DkaesJ+W6XeEgiys= =ZFTX -----END PGP SIGNATURE-----