Debian Security Advisory 5786-1

Debian Security Advisory 5786-1: Posted Oct 7, 2024; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5786-1 - Integer overflows flaws were discovered in the Compound Document Binary File format parser of libgsf, the GNOME Project G Structured File Library, which could result in the execution of arbitrary code if a specially crafted file is processed.; tags | advisory, overflow, arbitrary; systems | linux, debian; advisories | CVE-2024-36474, CVE-2024-42415; SHA-256 | 98c0d59e2d6c56f5374ef98a8c7336b85fff3f90be2ec312d6bc3af96e794ba8; Download | Favorite | View

Debian Security Advisory 5786-1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5786-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
October 05, 2024                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libgsf
CVE ID         : CVE-2024-36474 CVE-2024-42415
Debian Bug     : 1084056

Integer overflows flaws were discovered in the Compound Document Binary
File format parser of libgsf, the GNOME Project G Structured File
Library, which could result in the execution of arbitrary code if a
specially crafted file is processed.

For the stable distribution (bookworm), these problems have been fixed in
version 1.14.50-1+deb12u1.

We recommend that you upgrade your libgsf packages.

For the detailed security status of libgsf please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/libgsf

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmcBlPdfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0S1cBAAga89kJH98e3ECM9RQaRFdnSpo9qWrxfJF+hGzsaXnZzzfD8yRNUj1YT6
ZXspu8wwMdc593UlZkZ4jg51LXUwqLoFRpLXObZ0wEoDQh17zLnQ4+lyY3ME1cTw
OlGqVdrFR2/Pg16jDGCreA4T5HkTRArthvdg03iiR/9LtQ3564Z5c+VJnx31tH1u
f7tgNcdSy4QEdFnpyMqSz0Exc8aIjWQSLxQju40jpfc3im++KYBk8kDr2gX/gilc
xQIKBURNyzq1UfwF/dYqmv0ZYRnrEmLhlD346HnD4gGv8t41nRnQsgolCRV7lI8H
kjJNChPSSM6K33bTv9KL0Cu31rN4CDzTyEsbLCoKo40jrdHVaTXlszM2GC6Wgu17
n5NlFibqU35Y3NitBm6L1EEkyakDB0rWONXMJ/BOdCpqVIzgtY/Vq98RJb8tP112
a0cyG9ffBBgnRZMUrKo0mKrU4A3+RUStQQahx1ECqAbYpqL+lU7ZXKHm9B7jgU+D
y/VESuQRYIOmA0I6jIvuRmGXGWJ+nVBkubshFmnpEO2JEPMzGxXLAieNcXApvdcs
eXRbUNLthPxsuEmHyC7XaUt9ADc56+tq7jopoIyB7Tui3lw3H/6fL9GPMhsjZAeL
1GZN+jq99G7ZdyHHiRUn/Lu/hRdy9rC4WPHJ65a49iRjhi/c69g=
=pubk
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 326 files
Ubuntu 72 files
Debian 21 files
Apple 14 files
LiquidWorm 13 files
Gentoo 8 files
Google Security Research 4 files
Andrey Stoykov 3 files
Jann Horn 3 files
Alter Prime 3 files

File Archives

Systems

AIX (430)
Apple (2,132)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,172)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (395)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (52,112)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,459)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (10,018)
UNIX (9,482)
UnixWare (188)
Windows (6,785)
Other

Debian Security Advisory 5786-1

Debian Security Advisory 5786-1

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Debian Security Advisory 5786-1

Share This

Debian Security Advisory 5786-1

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems