Lucene search

DebianDEBIAN:DSA-3537-1:66D2D

HistoryMar 31, 2016 - 10:43 a.m.

[SECURITY] [DSA 3537-1] imlib2 security update

2016-03-3110:43:44

lists.debian.org

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

8 High

AI Score

Confidence

High

0.058 Low

EPSS

Percentile

93.4%

JSON

Debian Security Advisory DSA-3537-1 [email protected]
https://www.debian.org/security/ Sebastien Delafond
March 31, 2016 https://www.debian.org/security/faq

Package : imlib2
CVE ID : CVE-2014-9762 CVE-2014-9763 CVE-2014-9764

Several vulnerabilities were discovered in imlib2, an image
manipulation library.

CVE-2014-9762

A segmentation fault could occur when opening GIFs without a
colormap.

CVE-2014-9763

Several divisions by zero, resulting in a program crash, could
occur when handling PNM files.

CVE-2014-9764

A segmentation fault could occur when opening GIFs with feh.

For the oldstable distribution (wheezy), these problems have been fixed
in version 1.4.5-1+deb7u1.

For the stable distribution (jessie), these problems have been fixed in
version 1.4.6-2+deb8u1.

For the testing (stretch) and unstable (sid) distributions, these
problems have been fixed in version 1.4.7-1.

We recommend that you upgrade your imlib2 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian8arm64libimlib2< 1.4.6-2+deb8u1libimlib2_1.4.6-2+deb8u1_arm64.deb
Debian8armhflibimlib2< 1.4.6-2+deb8u1libimlib2_1.4.6-2+deb8u1_armhf.deb
Debian8ppc64ellibimlib2< 1.4.6-2+deb8u1libimlib2_1.4.6-2+deb8u1_ppc64el.deb
Debian7ia64libimlib2< 1.4.5-1+deb7u1libimlib2_1.4.5-1+deb7u1_ia64.deb
Debian6amd64libimlib2-dev< 1.4.2-8+deb6u1libimlib2-dev_1.4.2-8+deb6u1_amd64.deb
Debian8amd64libimlib2< 1.4.6-2+deb8u1libimlib2_1.4.6-2+deb8u1_amd64.deb
Debian7amd64libimlib2-dev< 1.4.5-1+deb7u1libimlib2-dev_1.4.5-1+deb7u1_amd64.deb
Debian7mipslibimlib2-dev< 1.4.5-1+deb7u1libimlib2-dev_1.4.5-1+deb7u1_mips.deb
Debian8mipslibimlib2< 1.4.6-2+deb8u1libimlib2_1.4.6-2+deb8u1_mips.deb
Debian6i386libimlib2-dev< 1.4.2-8+deb6u1libimlib2-dev_1.4.2-8+deb6u1_i386.deb

OS	Version	Architecture	Package	Version	Filename
Debian	8	arm64	libimlib2	< 1.4.6-2+deb8u1	libimlib2_1.4.6-2+deb8u1_arm64.deb
Debian	8	armhf	libimlib2	< 1.4.6-2+deb8u1	libimlib2_1.4.6-2+deb8u1_armhf.deb
Debian	8	ppc64el	libimlib2	< 1.4.6-2+deb8u1	libimlib2_1.4.6-2+deb8u1_ppc64el.deb
Debian	7	ia64	libimlib2	< 1.4.5-1+deb7u1	libimlib2_1.4.5-1+deb7u1_ia64.deb
Debian	6	amd64	libimlib2-dev	< 1.4.2-8+deb6u1	libimlib2-dev_1.4.2-8+deb6u1_amd64.deb
Debian	8	amd64	libimlib2	< 1.4.6-2+deb8u1	libimlib2_1.4.6-2+deb8u1_amd64.deb
Debian	7	amd64	libimlib2-dev	< 1.4.5-1+deb7u1	libimlib2-dev_1.4.5-1+deb7u1_amd64.deb
Debian	7	mips	libimlib2-dev	< 1.4.5-1+deb7u1	libimlib2-dev_1.4.5-1+deb7u1_mips.deb
Debian	8	mips	libimlib2	< 1.4.6-2+deb8u1	libimlib2_1.4.6-2+deb8u1_mips.deb
Debian	6	i386	libimlib2-dev	< 1.4.2-8+deb6u1	libimlib2-dev_1.4.2-8+deb6u1_i386.deb