You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa jbig2dec

Sigurnosni nedostaci programskog paketa jbig2dec

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

– ————————————————————————-
Debian Security Advisory DSA-3855-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
May 18, 2017 https://www.debian.org/security/faq
– ————————————————————————-

Package : jbig2dec
CVE ID : CVE-2017-7885 CVE-2017-7975 CVE-2017-7976
Debian Bug : 860460 860787 860788

Multiple security issues have been found in the JBIG2 decoder library,
which may lead to denial of service, disclosure of sensitive information
from process memory or the execution of arbitrary code if a malformed
image file (usually embedded in a PDF document) is opened.

For the stable distribution (jessie), these problems have been fixed in
version 0.13-4~deb8u2.

For the unstable distribution (sid), these problems have been fixed in
version 0.13-4.1.

We recommend that you upgrade your jbig2dec packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
—–BEGIN PGP SIGNATURE—–

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlkd8/1fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0Q6mA//QKmVvHleTPsAd8J4/RZN3FceRddsYgahBCjoA/sAc6T0led6C3T9xwrY
3R6tNEXh+1alqrYkPFRtnQsmu515UcxNYTed8zRtQXDpUqgqayvrQMlJRlS3VOGH
9xIM46rhirJnV7C96rk3pG2rGAxN7Uo8Z9+dH6PehFezF/GWt3EqHv2xcfU5Czwn
pPsSIndjOO+aBPiZql6iS4C7eEbs9lKSdRJ1YTbkyxF/TftjxByQ17HNsQR9PUWG
BtnJpbUpeFwAUr9XkV1w+jKtpbSbDETwC7m//+mxeRf8eUQh3BpnwXGjn+UmSH4B
0TlFBI4Tbh/+wGEjLJvs6b6BqBZ25q5InUFLXzQtN8/OYPHM+1QIPlJNRl8Ce7QD
J1FUhiCoWmwQDL2VBGkGPHcu0Yp+sqoLEgzeBSHRIgqiQklHrluhoUqtIMeeONQU
CF7Ox/XuvWW6qDWnfagD9J+TJoGmHummVKRZVcVaZQk2wO3zyj/ShhzbNr9BNLNf
yI1ZP2IIu4lvH6bjKIGvpbuLBv61vF12WToePlk3yQrxKK10Ibpwj43fitr23PnX
EAFKBPU3y8fPdqmEBzXKL6pK/E5Bb0mVnJ2RZZlOHLkI2evs2h+Co5R37INUSxsN
nWiHHAPSm53yCjbp9HxwdO6WiBrbWUhpmcyhv/+ayFtGn9Yvc5E=
=FSsa
—–END PGP SIGNATURE—–

Top
More in Preporuke
Sigurnosni nedostatak programskog paketa smb4k

Otkriven je sigurnosni nedostatak u programskom paketu smb4k za openSUSE Leap 42.2. Otkriveni nedostatak lokalnim korisnicima pruža mogućnost stjecanja root...

Close