[SECURITY] [DLA 810-1] libarchive security update

2017-01-30 Thread Chris Lamb
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Package: libarchive Version: 3.0.4-3+wheezy5+deb7u1 CVE ID : CVE-2017-5601 Debian Bug : #853278 It was discovered that there was a heap buffer overflow in libarchive, a multi-format archive and compression library. For

[SECURITY] [DLA 809-1] tcpdump security update

2017-01-30 Thread Ola Lundqvist
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Package: tcpdump Version: 4.9.0-1~deb7u1 CVE ID : CVE-2016-7922 CVE-2016-7923 CVE-2016-7924 CVE-2016-7925 CVE-2016-7926 CVE-2016-7927 CVE-2016-7928 CVE-2016-7929 CVE-2016-7930 CVE-2016-7931

[SECURITY] [DLA 610-2] tiff3 regression update

2017-01-30 Thread Raphael Hertzog
Package: tiff3 Version: 3.9.6-11+deb7u3 Debian Bug : 852610 Version 3.9.6-11+deb7u1 and 3.9.6-11+deb7u2 introduced changes that resulted in libtiff writing out invalid tiff files when the compression scheme in use relies on codec-specific TIFF tags embedded in the image. For

[SECURITY] [DLA 807-1] imagemagick security update

2017-01-30 Thread Guido Günther
Package: imagemagick Version: 8:6.7.7.10-5+deb7u11 CVE ID : CVE-2016-10144 CVE-2016-10145 CVE-2016-10146 CVE-2017-5506 CVE-2017-5507 CVE-2017-5508 CVE-2017-5510 CVE-2017-5511 Debian Bug : #851485, #851483, #851380, #851383, #851382, #851381,