1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 5614-1] zbar security update

    From Salvatore Bonaccorso@21:1/5 to All on Sat Feb 3 18:10:01 2024
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-5614-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso February 03, 2024 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : zbar
    CVE ID : CVE-2023-40889 CVE-2023-40890
    Debian Bug : 1051724

    Two vulnerabilities were discovered in zbar, a library for scanning and decoding QR and bar codes, which may result in denial of service,
    information disclosure or potentially the execution of arbitrary code if
    a specially crafted code is processed.

    For the oldstable distribution (bullseye), these problems have been
    fixed in version 0.23.90-1+deb11u1.

    For the stable distribution (bookworm), these problems have been fixed
    in version 0.23.92-7+deb12u1.

    We recommend that you upgrade your zbar packages.

    For the detailed security status of zbar please refer to its security
    tracker page at:
    https://security-tracker.debian.org/tracker/zbar

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmW+cM5fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0RZEQ/+LBd+YadiS/TNfrBy9lYnugnavklh9VSEkO+sKYFVzkq/ypQwuaLA0MaI t0OOIGIrwDVXL0/Lb6Rjuo96PGQX6NJXF2iG7UUD8RjiJDHIFPUP9nbWOjXmNAdt nfUvF9AwyExSpCREhXc2PTDc5lmnAu56NWrJRN53RqngbYSxILoOpNRBDlZUEL3R NrbpPvpQnvIBo2JcmaT/PtgC+U5bxKfnQGQ2Cree/nyq8de9VCPwGeTczqFz8I3N sklG9k8/09+zdJOUpy+KVi+ylTAG/f/ydzGtrFyr++hPU692PIGeu++N3yNX1mP9 KWhsAdkfL581RauwKRgHFnRXK/yUDg7rDUlMRd0w5QphDkL+01mjzgiooGBp5I7O GXvdVgribWdexRiKE0nfzf6sHxzbHXRdCOiPWhGAf5w6ORdpgRwuICo4mWTw1T8G JktFfuLXP7uRIdVIMeIVVVLfFYBQeTr8g7A0TV1ysAzG+yjHVhfYJxTVS9rTNmt8 MJbO6ZBgWnMdMbd+4xlngWMpxDOInhdFBTmbyBdWnbMOQDZhgXLy0Hd0VF96UoQk WoHxphpbioY5on053jSsU6FH0r1bSm5rjOfCkRVLalCTjZyY4TqCSmbTlq3qyxUH gT9ws2M+//SpJKzwGvVXN8+0M3BzVXUGJYmLG0v0/+jb58wUBUA=
    =OOtS
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)