Debian Local Security Checks : Debian: Security Advisory (DLA-2839-1)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 146377 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.892839

Kategorie: Debian Local Security Checks

Titel: Debian: Security Advisory (DLA-2839-1)

Zusammenfassung: The remote host is missing an update for the Debian 'gerbv' package(s) announced via the DLA-2839-1 advisory.

Beschreibung: Summary:
The remote host is missing an update for the Debian 'gerbv' package(s) announced via the DLA-2839-1 advisory.

Vulnerability Insight:
One security issue has been discovered in gerbv: a viewer for Gerber RS-274X files.

It was discovered that an out-of-bounds write vulnerability exists in the drill format T-code tool. A specially-crafted drill file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.

For Debian 9 stretch, this problem has been fixed in version 2.6.1-2+deb9u1.

We recommend that you upgrade your gerbv packages.

For the detailed security status of gerbv please refer to its security tracker page at: [link moved to references]

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: [link moved to references]

Affected Software/OS:
'gerbv' package(s) on Debian 9.

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2021-40391
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TUM5GIUZJ7AVHVCXDZW6ZVCAPV2ISN47/
https://www.talosintelligence.com/vulnerability_reports/TALOS-2021-1402
https://lists.debian.org/debian-lts-announce/2021/12/msg00003.html

Copyright Copyright (C) 2021 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.892839
Kategorie:	Debian Local Security Checks
Titel:	Debian: Security Advisory (DLA-2839-1)
Zusammenfassung:	The remote host is missing an update for the Debian 'gerbv' package(s) announced via the DLA-2839-1 advisory.
Beschreibung:	Summary: The remote host is missing an update for the Debian 'gerbv' package(s) announced via the DLA-2839-1 advisory. Vulnerability Insight: One security issue has been discovered in gerbv: a viewer for Gerber RS-274X files. It was discovered that an out-of-bounds write vulnerability exists in the drill format T-code tool. A specially-crafted drill file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. For Debian 9 stretch, this problem has been fixed in version 2.6.1-2+deb9u1. We recommend that you upgrade your gerbv packages. For the detailed security status of gerbv please refer to its security tracker page at: [link moved to references] Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: [link moved to references] Affected Software/OS: 'gerbv' package(s) on Debian 9. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2021-40391 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TUM5GIUZJ7AVHVCXDZW6ZVCAPV2ISN47/ https://www.talosintelligence.com/vulnerability_reports/TALOS-2021-1402 https://lists.debian.org/debian-lts-announce/2021/12/msg00003.html
Copyright	Copyright (C) 2021 Greenbone AG