-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Package : sane-backends Version : 1.0.22-7.4+deb7u1 CVE ID : CVE-2017-6318 Debian Bug : #854804
It was discovered that there was an issue in sane-backends, an API library for scanners. It allowed remote attackers to obtain sensitive memory information via a crafted SANE_NET_CONTROL_OPTION packet. For Debian 7 "Wheezy", this issue has been fixed in sane-backends version 1.0.22-7.4+deb7u1. We recommend that you upgrade your sane-backends packages. Regards, - -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `- -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlkWvGEACgkQHpU+J9Qx HlgQGQ//WCBT8GtCERn+xPJnL++QE5eQHogqiBNzKzjKB3jqlq+ILeDvojZZDNtt 2J3d/i6Diwv7Ie5DPS1zM06OMFgWxrPR7yg1umrFVNzs4P39dSLGOqaORhZ6pmXU UiYx6oLohvZhre/aRnnZ8OWdZHfkhAFShteEeGO6nNR3AbIoCvPH38npgTUD+uVd 7MFQ+oSpDfhdrf+Xtcu891qfhrysHcublx5UnO+b/GtvMf1srfmkO2ychzn3QKM5 eVbMsoD051eLR0NxUyjoI1fmQNsG7AJnQje9i91zMHpF10/alb+h3tE5cNhVjGvl GIAtE1E0Ar9q2I9o9dnCnJz3mqqOV4Py3tUyJ4/D3L6mEf/QWVwQdgQj2PRiIbSR pFEr4W+ez0EWYrOVqWBMIoUkumh5kT8GrdAyvRar5JGsOsc1X4mA24jtc+v0UfV2 MuoiWXqHVflDP296Y+3yx7MpguMabG+1/LcWzOcJHh+TZEv5eEDz1JipwOOj97gW 9d1bYANeVWvG319fhe82nMVRt3PK6HscFv4gtyIuLd0jUtbGhHIdN+ax43cjmB4Q A8255ojhAX+HXiALXsCLz8cCy0QBosm6lWmP9dJYCFFGWf4GUOlbVUO3tvHy8y3u N8Uf8PxDLDH4c9tfGTIStaSROFbOp99dfgVEceSHY/OlSfaZ93w= =/mUx -----END PGP SIGNATURE-----