|
|
Subscribe / Log in / New account

Debian alert DLA-2054-1 (jhead)



From:
              Adrian Bunk <bunk@debian.org> 


To:
              debian-lts-announce@lists.debian.org 


Subject:
              [SECURITY] [DLA 2054-1] jhead security update 


Date:
              Tue, 31 Dec 2019 20:15:10 +0200


Message-ID:
              <20191231181510.GA9988@localhost>


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : jhead
Version        : 1:2.97-1+deb8u2
CVE ID         : CVE-2018-16554 CVE-2018-17088 CVE-2019-1010301 CVE-2019-1010302
Debian Bug     : 907925 908176 932145 932146

Multiple buffer overflows have been fixed in jhead, a program to 
manipulate the non-image part of Exif compliant JPEG files.

For Debian 8 "Jessie", these problems have been fixed in version
1:2.97-1+deb8u2.

We recommend that you upgrade your jhead packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAl4LkC4ACgkQiNJCh6LY
mLGL0hAAuFfZgh6hem2mSBcbckdxj5Ihn3RdK4Ke7yDgN96amUKnatiTlyaPcWEb
QhDFSaVWOSA/8hzUAcyyrtcLoJO45MmGkBofFD+cNlSwh9uqev+W79HFDshRRVI0
DnOtxQw5GJd+pETYMR2lzUzjAFKm336ix70HvgOJL7TsCRYFJJHogEesPdebWTDY
gGr5U73qx5nr2Lbb1CGK0w5bXjagsvIMF3YeCtT6DubWFOtARUsWgC5K9JLQPl+A
Nbfl+mX+YrdRm7MoOLaVOdzzUqjFr9ArhrBilV9o2A4RwlZtKoAbfg4Dw4byQ2JG
Au6LPAzZOcoyJ+f90J/gggll7JbjqfbkTcg+lsvdjRBg7jQyevdyCuyipoZDTuo0
pmrWBsVsm56CevXzE1Dl77iNW6uKtWNZ7CVt5i74xkVRpj+l6iVm4qm5GpXew1A0
7GN6bj7u6xZcJPzYg61AZaf4gOl5xra3jLR6W8XsTjRnrvZZp4DFN8Kw2jn1amxa
GyFP2QnpNFEzCvxoDYTyZTfTN1NC0RGOJk18L8VFsTbiW2RUS1s4GZ/Sx4YkDn2r
ErIj9Ftebjx+7wPBPFF/Vj2CK4Zmeub5vnxgukavuRcUOmK5OFz9J/ZrBEeFlgun
vYMbTXbwwC+rOz3CEPOX+VFDsOJrnlIHPCL/27yxTiqLvIOxxG0=
=jUbH
-----END PGP SIGNATURE-----
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds