blob: 4e14c58f01bda56920f7a5bbb71b60c280e03a46 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
|
<define-tag description>LTS security update</define-tag>
<define-tag moreinfo>
<p>[This DLA supersedes my wrong announcement using DLA 241-1]</p>
<ul>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-3885">CVE-2015-3885</a>
<p>Integer overflow in the ljpeg_start function in dcraw 7.00 and earlier
allows remote attackers to cause a denial of service (crash) via a
crafted image, which triggers a buffer overflow, related to the len
variable.</p></li>
</ul>
<p>We recommend that you upgrade your libraw packages.</p>
</define-tag>
# do not modify the following line
#include "$(ENGLISHDIR)/lts/security/2015/dla-243.data"
# $Id$
|
