Debian Security Advisory 5323-1

Debian Security Advisory 5323-1: Posted Jan 20, 2023; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5323-1 - It was discovered that the CompareTool of iText, a Java PDF library which uses the external ghostscript software to compare PDFs at a pixel level, allowed command injection when parsing a specially crafted filename.; tags | advisory, java; systems | linux, debian; advisories | CVE-2021-43113; SHA-256 | 313b77c59c1f5cfeb179c460ce914a4540b0ef907c09eba7848df15bdf973f2a; Download | Favorite | View

Debian Security Advisory 5323-1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5323-1                   security@debian.org
https://www.debian.org/security/                          Markus Koschany
January 19, 2023                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libitext5-java
CVE ID         : CVE-2021-43113
Debian Bug     : 1014597

It was discovered that the CompareTool of iText, a Java PDF library which uses
the external ghostscript software to compare PDFs at a pixel level, allowed
command injection when parsing a specially crafted filename.

For the stable distribution (bullseye), this problem has been fixed in
version 5.5.13.2-1+deb11u1.

We recommend that you upgrade your libitext5-java packages.

For the detailed security status of libitext5-java please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/libitext5-java

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmPJxhlfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7
UeSSQw//dNjqrUajjV4/7uztzOajIWwBM7Ra3PNl3Up9jaZJaKdhdBAtDT4qRjK+
lVx9CNojQplJQ6k4N3Yzq0Ose3HozR99+bj2J/MC8+skq8LpChDzKCVdVww9To9T
XxWaHWHlxSyn9j8nZTvbBAiQcr/KdZFuivFlLtmiLKG0n0S/Czp3YEwYcmv27LbS
CehfmOjxpgbLOWGScqQqk9e3aisQ7twMIVU1ED3rKDsjqSHOkxEq9ZZo04TRxGnf
okue6KYTizeQq396mzLPd8HlFzTJGDjMqokyrNYBPxFZqPVXm40GSyZiA2OEXcba
Txikx6+XSi/yqngVZxa9gZPL1ATCNaPoJh+n/4eLczHXm90MZ7JWHe8AIGV4mA5i
W3olP4blcyRcS10bxwR/qwNikrr0j7PSLv/SP6T/p+ZUzpBXcV9+tPPfzAQ/Wsjd
9h/fuPiAdA06OBe0r9hXwO6hX6bxCVVwK6gA8vzCY84kgQp8HUXa6RBSxy/xbfFE
GqQW1VToiOOL4IhMY7Pl/4NAaUJUxc4kbpFh2Y8BKytPAivk+DfZGpfsGxP+QXYR
5l7nfnIS+j6+F/wL77cxaCGgF7NgH9YuRYQypstHRDrAqGbA97ZE2bAfBX/9TpIG
eyqG9sE+rrCbcm/dDr7be31f5TVQ4XmV4gZSE5iw7x5tg+1Wj9c=
=Z8P9
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 287 files
Ubuntu 60 files
Debian 32 files
Gentoo 28 files
LiquidWorm 10 files
nu11secur1ty 7 files
Adam Gowdiak 4 files
liquidsky 3 files
kai6u 3 files
malvuln 3 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,036)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,495)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,567)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,739)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,489)
UNIX (9,397)
UnixWare (187)
Windows (6,656)
Other

Debian Security Advisory 5323-1

Debian Security Advisory 5323-1

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Debian Security Advisory 5323-1

Share This

Debian Security Advisory 5323-1

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems