-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3917-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso July 23, 2017 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : catdoc CVE ID : CVE-2017-11110 Debian Bug : 867717 A heap-based buffer underflow flaw was discovered in catdoc, a text extractor for MS-Office files, which may lead to denial of service (application crash) or have unspecified other impact, if a specially crafted file is processed. For the oldstable distribution (jessie), this problem has been fixed in version 0.94.4-1.1+deb8u1. For the stable distribution (stretch), this problem has been fixed in version 1:0.94.3~git20160113.dbc9ec6+dfsg-1+deb9u1. For the testing distribution (buster), this problem has been fixed in version 1:0.95-3. For the unstable distribution (sid), this problem has been fixed in version 1:0.95-3. We recommend that you upgrade your catdoc packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAll0t7dfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0TJMA//ckF8jjN4EqoZfKAPI9EmvXWmSp7ZLXWXEGX3pNangfx8yE0+AzeqL2dw eq6WVtM7jVFxwW05BXIst6CFo/tYhH19GGtNi+mULVCmK/cAuhk5ztJO+xh39khB sm4I0a0bbbsDOwV2oHSk3AgCi6zrhgVhUkrj085zAIGyMVmRe3+lZV1Jc2M8cEMI ahbIDCZJxYZr9WNbAaBO/g3K1HB4DS2kP1TaFn2VDMi6x5SJFCHTCJj2mVcT19jU RjVcpWEr+6pdzVelPCyjlS3nSum9BWttTdPgZTI3ooRD/4MUrqus2zp6D51N/xo9 dEVfvgbSWjlYAgU+P5I6McWvTV0GrV4kMvzu1g4RwG6H3PDWlsWbPY4bNxdzvnLu xtgcTZn08jHAabrX0Iymmaj8CoZRowaq4Z8cGGc9U2ee/pU/TGmIkfCOPywln55Q 34x7xEkA5FLTgMUZBktZkToY1I7g15a3go/xYIew0Ez+J/m+dxC2pFRVctLOlhqD XWzfRQOWfxICCO36UH+eIExZ86j5rufEhgv3iPgqsHgt+2xeenxGS9xkBefkbQJf BNwfZA+18/SvSgYEpt1V23kBYD2FXs2QfCNYAdDIvvDLdLZr38+KDA6dCUH324Us 8TomdJ23CQzojrbv+kbs0pKwteegoUiXXZyDVRelWVTrMdXVmXg= =gP08 -----END PGP SIGNATURE-----