-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3208-1 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoff March 29, 2015 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : freexl CVE ID : CVE-2015-2753 CVE-2015-2754 CVE-2015-2776 Jodie Cunningham discovered multiple vulnerabilities in freexl, a library to read Microsoft Excel spreadsheets, which might result in denial of service or the execution of arbitrary code if a malformed Excel file is opened. For the stable distribution (wheezy), these problems have been fixed in version 1.0.0b-1+deb7u1. For the upcoming stable distribution (jessie), these problems have been fixed in version 1.0.0g-1+deb8u1. For the unstable distribution (sid), these problems have been fixed in version 1.0.0g-1+deb8u1. We recommend that you upgrade your freexl packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJVGDaqAAoJEBDCk7bDfE4229YP/jFQ9cdnS2TJfRC3bQbDSgIX utNbB/XpaarGrCqpOJQO3lX+n24nytSydC7M/bHVqTgPzYpkF7fYUnNuT5E072Ji Fu8cE9i1h5pLhdV7hg2G3yguj/N21NEzBFu774WUVnob/lb9ncoPUu3m+qqj9Hi1 A1yZ8cGwcGrrq9FMv4nLQBaa8gJP8apWJx8lr5/GennipqgFvuDMgygCh76O95eY yZAr4KH+5Fyy8nWu5BkczfuZ8ARQRDxtsNPNZNBTs8Oa28UWCAak/cWS3XJ9LKkk ggc68PUFkzOO0GtB/U2ORgTjf6E/D6EIxLtRydfW304MUSjveVZNmLu1+u87izLh K28muSZYErvNsDr1Xt+2XlQj9RGLsCPNJ+M3bfmlBnkqiVzL94qLAUaJblXcWZoe W3/OlNYLJntIeV+5sGpk2nMONIEz+MFRQ47x91wly6iikviNcQMUvf/C+DGWzCRS L17e599fEvQLc1aIitnUBnLjuMLG79tXnFgmnFFq7gLDSssqViD+OivkKAqSTy3L 4DoQxrcXC1TbfDwqvDes0CydP1q12fuwTZiChA8MEi2vk+6ZPNS8h+3Fb1tcDBLz EloAuU9y0B+N9EQtf8bkGfx4/7pJNDXEPQCiaqTMRLlrBBSQIPwGRX1JgtGnpOnt 7P1QqpNqAeoL7grtMVhL =dvAm -----END PGP SIGNATURE-----