[SECURITY] [DLA 469-1] libgwenhywfar security update

2016-05-1217:38:08

lists.debian.org

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

AI Score

5.1

Confidence

High

EPSS

0.008

Percentile

82.0%

JSON

Package : libgwenhywfar
Version : 4.3.3-1+deb7u1
CVE ID : CVE-2015-7542
Debian Bug : 748955

It was discovered that libgwenhywfar (an OS abstraction layer that
allows porting of software to different operating systems like Linux,
*BSD, Windows etc.) used an outdated CA certificate bundle.

For Debian 7 "Wheezy", this issue has been fixed in libgwenhywfar version
4.3.3-1+deb7u1 by utilising the ca-certificates package.

We recommend that you upgrade your libgwenhywfar packages.

Regards,

  ,&#x27;&#x27;`.
 : :&#x27;  :     Chris Lamb
 `. `&#x27;`      [email protected] / chris-lamb.co.uk
   `-

OSVersionArchitecturePackageVersionFilename
Debian7armhflibgwenhywfar60-dev< 4.3.3-1+deb7u1libgwenhywfar60-dev_4.3.3-1+deb7u1_armhf.deb
Debian7amd64gwenhywfar-tools< 4.3.3-1+deb7u1gwenhywfar-tools_4.3.3-1+deb7u1_amd64.deb
Debian7armhflibgwenhywfar60-dbg< 4.3.3-1+deb7u1libgwenhywfar60-dbg_4.3.3-1+deb7u1_armhf.deb
Debian7amd64libgwengui-qt4-0< 4.3.3-1+deb7u1libgwengui-qt4-0_4.3.3-1+deb7u1_amd64.deb
Debian7i386libgwenhywfar60< 4.3.3-1+deb7u1libgwenhywfar60_4.3.3-1+deb7u1_i386.deb
Debian7amd64libgwenhywfar60-dev< 4.3.3-1+deb7u1libgwenhywfar60-dev_4.3.3-1+deb7u1_amd64.deb
Debian7i386libgwengui-qt4-0< 4.3.3-1+deb7u1libgwengui-qt4-0_4.3.3-1+deb7u1_i386.deb
Debian7alllibgwenhywfar-data< 4.3.3-1+deb7u1libgwenhywfar-data_4.3.3-1+deb7u1_all.deb
Debian7armhflibgwengui-fox16-0< 4.3.3-1+deb7u1libgwengui-fox16-0_4.3.3-1+deb7u1_armhf.deb
Debian7alllibgwenhywfar-doc< 4.3.3-1+deb7u1libgwenhywfar-doc_4.3.3-1+deb7u1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	7	armhf	libgwenhywfar60-dev	< 4.3.3-1+deb7u1	libgwenhywfar60-dev_4.3.3-1+deb7u1_armhf.deb
Debian	7	amd64	gwenhywfar-tools	< 4.3.3-1+deb7u1	gwenhywfar-tools_4.3.3-1+deb7u1_amd64.deb
Debian	7	armhf	libgwenhywfar60-dbg	< 4.3.3-1+deb7u1	libgwenhywfar60-dbg_4.3.3-1+deb7u1_armhf.deb
Debian	7	amd64	libgwengui-qt4-0	< 4.3.3-1+deb7u1	libgwengui-qt4-0_4.3.3-1+deb7u1_amd64.deb
Debian	7	i386	libgwenhywfar60	< 4.3.3-1+deb7u1	libgwenhywfar60_4.3.3-1+deb7u1_i386.deb
Debian	7	amd64	libgwenhywfar60-dev	< 4.3.3-1+deb7u1	libgwenhywfar60-dev_4.3.3-1+deb7u1_amd64.deb
Debian	7	i386	libgwengui-qt4-0	< 4.3.3-1+deb7u1	libgwengui-qt4-0_4.3.3-1+deb7u1_i386.deb
Debian	7	all	libgwenhywfar-data	< 4.3.3-1+deb7u1	libgwenhywfar-data_4.3.3-1+deb7u1_all.deb
Debian	7	armhf	libgwengui-fox16-0	< 4.3.3-1+deb7u1	libgwengui-fox16-0_4.3.3-1+deb7u1_armhf.deb
Debian	7	all	libgwenhywfar-doc	< 4.3.3-1+deb7u1	libgwenhywfar-doc_4.3.3-1+deb7u1_all.deb