-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Package : optipng Version : 0.6.4-1+deb6u11 CVE ID : CVE-2015-7801
Gustavo Grieco discovered a use-after-free causing an invalid/double free in optipng 0.6.4. For Debian 6 Squeeze, this issue has been fixed in optipng version 0.6.4-1+deb6u11. Regards, - - -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJWKTciAAoJEB6VPifUMR5YKhIP/jE5sfJZbATpWsEKYNwGKrBt v9gAhNYO7SFRAMA+olDk3wFA3v2SuFx/bHBJFDGbm+ac5l8QnNQnhTbVhfEMIjq6 GCmy6hpcWs3te0hq61GKDZX+Gt+BckFN21MWWWAr70jz1XINepDnkPOmwPyTqb6U V/GUXMqULjceLww1NL+ouWKcHdBq1+SVGuOlZ6OWrz11MjItvZYSoQ+DSJX5JY27 ElMQ6IN7RUhfyJCt2oudT8o+1N7MwK66EDnVNb36saYVUTdHc5gAthMDb5g0ijjG sy0wNXgFHPr04ZINmhD47sqtQ92PUNU2qi8z+S4WTO/qQ7drdDLkU3dG768m/Kzy J69/ovwxlB8B0JizO9vAxwX7+cpNPlks4KVhJ/A3img3YQKfxzGT7jFqLq+I/qzf 86+wKz7uYBQMNdfB5c7n30giJKdW+sorLWlpeuIBkywkgwdrmF816nsfNl/8DI7H ytjGTKHRr/oyTTuxLXfqmCUX1VtQXHWwCw127cT1k6xiOPYoK6rVqoM7ug4XBjlY u25nsaTfY8q22wiIF08qQtYDN3ygZYYAIF1gwdcxODxv5vDS7R5NEuDwAHQgJWch zufcoVu3rcWXGlN/ZG14g8k5XXsJB5Zj5TpM9hW9TvXpr7bsIhqPQQTp2Nk5qMeR ryZVdZSBFS6BGSI9ys1N =YAd1 -----END PGP SIGNATURE-----