lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sun, 19 Jul 2015 19:47:27 +0200 From: Moritz Muehlenhoff <jmm@...ian.org> To: bugtraq@...urityfocus.com Subject: [SECURITY] [DSA 3310-1] freexl security update -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3310-1 security@...ian.org https://www.debian.org/security/ Moritz Muehlenhoff July 19, 2015 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : freexl CVE ID : not yet available It was discovered that an integer overflow in freexl, a library to parse Microsoft Excel spreadsheets may result in denial of service if a malformed Excel file is opened. For the oldstable distribution (wheezy), this problem has been fixed in version 1.0.0b-1+deb7u2. For the stable distribution (jessie), this problem has been fixed in version 1.0.0g-1+deb8u2. For the testing distribution (stretch), this problem has been fixed in version 1.0.2-1. For the unstable distribution (sid), this problem has been fixed in version 1.0.2-1. We recommend that you upgrade your freexl packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@...ts.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJVq+KDAAoJEBDCk7bDfE42fAIQAKfMu9ZBVUkmPsxKTf3J1ygS DuK7g2PP2hacV3D+igshEL7IxzNKkvdz/Eguz/6ZZUisCueWGginhXNcfvmdjISU bd90aHVZv9c0ZnGTnsY0Fbw8Q2bDyOL05ebSOc7QRLJyMqsdP43MgqjICFw7RgoV Pn3lIVKrfQ9qEE/OKJQa8j0Q+R3tPuwC34z4Gw06HTsB1srtmGLHh9QcfpY0uTeW 3MymXOTAVMOpc/VDAcE2HWcy66d1HtKt96pfBSU5koP4ZX3rF3MmPl3FBKfA+RyR Z8Kxr1PoNuttwldbXwHRMX65Swr655+qV+Y5Nj2qawEBTbcsrSIH3RLjgwoSbojc pzazg9qejxQOrN7E7b+x0tIu1F0Nq+gxc9/d9mWsuBGHV9SyiS+CP7FKYsQgir9b CeKgIu1lU3Rlk5wVpQyZteyLMkMN0zsaQD6DNeTHyRYF7rCaSXvt/9JSLsj2jagN JkPXWByxHitMtWeMMeg1cgQ77qIurk9Mm1tNeQ3lsM43pJqRKr5ggp2cVMtihSFX 8ptrETGzy7NR+If241sYMFTqUn4E8qKTS+0U0HlOPjg/yQ/3zY50/t5udMl5ToV2 b7MS1grueUWFSOKe2kfj2r0VFib3WYNXsm06UvjL5+2sGBtlqCSIFBZbnw+SZw8E UX4FIBx19in8mVfB1C5K =Crfh -----END PGP SIGNATURE-----
Powered by blists - more mailing lists