[SECURITY] [DLA 1687-1] sox security update

2019-02-24 Thread Adrian Bunk 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Package: sox
Version: 14.4.1-5+deb8u1
CVE ID : CVE-2014-8145
Debian Bug : 773720

Mike Salvatore discovered that the fixes for these heap-based buffer 
overflows had not been properly applied in the Debian package.

For Debian 8 "Jessie", this problem has been fixed in version
14.4.1-5+deb8u1.

We recommend that you upgrade your sox packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS


-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAlxy9uQACgkQiNJCh6LY
mLGEiA/+PiAhtxro1VFF3IRpziLFa6ndQ2YgvCFhZStBiLZjmG/RG4NCOjWREQ7M
vp81eWwe8Vme4IgtYM+PNFlwzf5SlTYNviVA/XDkdFQl7PqOzPO+A1IEkC7E5fZn
HyaCQhzr1SZ+e666Az/5pHX+GNimorrON9wxJqt9Z7/qW97jWM75g8e7zY9rZByd
aQ357OP8njiS/iLedxaVHTR7KNYT61DVuH8qz4NZNjbomEmRGbzHpDNqqFnUoGrC
i+MuefKXBvbJ7zYsXC+hmUKq7VqzG4OO3yZ7C6igvnPyxt3yIZ3Kfg/vfhP6UUuh
ydhPfjAKtpSQ4WvQ/GvFMXIdnw194ax+BopF0nDQhdNPk+UFvPAHgXmK45x5Kg9O
CbVFHtIaIrt8gcppYDtLu5l2C0HaiD5gHj8SD1ZhVOXWMFXvBbAmBVQ71jM6jrjw
u8VLlFRWfFRRvwKcb55EacsmCtgdDGtxHQDc9XP3nrBHfYuZXsg4mOYHDNrVpwxn
3MvCGZH0iRPCzux9/I4yM7ymF8dFNtG+Gzak6j7ekxPV9ENOMuU/nlwdZfhc3kD9
t+8BcsHnVDZk9LGXiszyrPdHRX9Jkfbx+hvP+MTSnH6s2rcyuVmPBv1s44k/aG3a
JJtKdUVMPR0WDA8kvDJCKCgzVNmgOPEu5h9dhcfCiFemfLvGTpQ=
=XFuK
-END PGP SIGNATURE-

[SECURITY] [DLA 1686-1] freedink-dfarc security update

2019-02-24 Thread Sylvain Beucler 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Package: freedink-dfarc
Version: 3.12-1+deb8u1
CVE ID : CVE-2018-0496

Sylvain Beucler and Dan Walma discovered several directory traversal
issues in DFArc, a frontend and extensions manager for the Dink
Smallwood game, allowing an attacker to overwrite arbitrary files on
the user's system.

For Debian 8 "Jessie", this problem has been fixed in version
3.12-1+deb8u1.

We recommend that you upgrade your freedink-dfarc packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-BEGIN PGP SIGNATURE-

iQEzBAEBCgAdFiEEQic8GuN/xDR88HkSj/HLbo2JBZ8FAlxyrz8ACgkQj/HLbo2J
BZ+1FAf/QUOLJxtFgixRukQ2xs9v1YewkRWNvfZx0e+4x698vC8U8DxNumBsMH42
Lphzwfvaxf7iVYFVty6IT+XNTfsC72qQw8hrk02bAWsjAKWEuER41shzCSLx0rOo
meC83XrCSN+ITfTc2VPnn7x/CKSk3ivAzhPPxZ9lG5q/oSjt4YP+v/pYC7P2i/fs
R8owrh2kkCcP6cxGgO/mKjHdX2VS6JcskUwiOoMAPskDE+01WFmj+xNj5OnYeFF1
F39Nvqe4LyhSr02X2Wvbd1KMPzu8TVdFOVxUkEG0FUEBVGAlgM/sxDEF8c1Dq7pS
y5QgIcqjKsgKR/J/Uac06jHfu9sSVw==
=SW7v
-END PGP SIGNATURE-