Package : libical Version : 0.48-2+deb7u1 CVE ID : CVE-2016-5824 CVE-2016-9584 Debian Bug : #860451, #852034
It was discovered that there was a use-after-free vulnerability in the libical iCalendar library. Remote attackers could cause a denial of service and possibly read heap memory via a specially crafted .ICS file.
For Debian 7 "Wheezy", this issue has been fixed in libical version 0.48-2+deb7u1.
We recommend that you upgrade your libical packages.
,''`. : :' : Chris Lamb `. `'` firstname.lastname@example.org / chris-lamb.co.uk `-