Debian Security Advisory 3098-1

Debian Security Advisory 3098-1: Posted Dec 11, 2014; Authored by Debian | Site debian.org; Debian Linux Security Advisory 3098-1 - Joshua Rogers discovered a format string vulnerability in the yyerror function in lib/cgraph/scan.l in Graphviz, a rich set of graph drawing tools. An attacker could use this flaw to cause graphviz to crash or possibly execute arbitrary code.; tags | advisory, arbitrary; systems | linux, debian; advisories | CVE-2014-9157; SHA-256 | 68bf61fc172f38d647343e482b1c4138112d7b7712b206f79b2462e2dd8eadfb; Download | Favorite | View

Debian Security Advisory 3098-1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3098-1                   security@debian.org
http://www.debian.org/security/                      Salvatore Bonaccorso
December 11, 2014                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : graphviz
CVE ID         : CVE-2014-9157
Debian Bug     : 772648

Joshua Rogers discovered a format string vulnerability in the yyerror
function in lib/cgraph/scan.l in Graphviz, a rich set of graph drawing
tools. An attacker could use this flaw to cause graphviz to crash or
possibly execute arbitrary code.

For the stable distribution (wheezy), this problem has been fixed in
version 2.26.3-14+deb7u2.

For the upcoming stable distribution (jessie), this problem will be
fixed soon in version 2.38.0-7.

For the unstable distribution (sid), this problem has been fixed in
version 2.38.0-7.

We recommend that you upgrade your graphviz packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJUicMWAAoJEAVMuPMTQ89EdygP/iTwBisnJ13s+afAineui04Z
hJrj41+Wb7GQ7zkX1NZXC7e6JgD4S7GiZ0AQnoAG1dKv9yuXDc8Rk2MThP9VuSnl
RR+sT6aTAf5rhFO342EgcTdf7H/PWz2NOVR+xHMKqd3PkwA22GmjUX9cRBeiW4Mv
uYd6Jaq2rM5OALksebUr81zONtKbBz5jV22LtfyF4nkv+4RkzefqyJZspEbXGN2M
ElDAkBHq3uQDeaGrzW4Xd+dlxnIJD2/KHGnCDv4YFOgX2X9dd80Txt3W51st8tgt
TzkNPpiNUT+Izruuo772oOgQdvtCEY/reRJJw0SAP2cu2oMD/poMkbbCJ3aBlv35
kR79MseJBigdgpzatF1MUtgpQT+Fm2T6lyszGaViEJ2rWAFBV7x7cX7nZke2vZb2
Nrt+/w1hwnsFG0TsGCTD6k7HF+gVkva+OMhNje396dsHhtQHWQmOQfOuVRDpqRfI
1ijvXGXomOCE9iXm/rDaEq2MsuyjB6QPaIGfD7oZun8seH0Cv+U1f7Hp7e7kn6Cf
0uIYHG2NRSkaUrdbDWfnms6X882JFm1LHe2GdoPo64nCrOs67xwfOn+78GaYFyRN
QBT78lyFv4SDlrwiawPKxeTFg6eAxrSXeqdJuuy4flPIUV4k613EeJ3lMMsdmrY3
YhL3IpIOCaeow6VZDNjP
=J1ug
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 228 files
Ubuntu 55 files
Debian 27 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Google Security Research 6 files
Apple 6 files
Milad Karimi 5 files
Yevhenii Butenko 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,022)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,333)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,578)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,460)
UNIX (9,394)
UnixWare (187)
Windows (6,650)
Other

Debian Security Advisory 3098-1

Debian Security Advisory 3098-1

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Debian Security Advisory 3098-1

Share This

Debian Security Advisory 3098-1

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems