-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : pngquant Version : 2.3.0-1+deb8u1 CVE ID : CVE-2016-5735
It was found that pngquant, a PNG (Portable Network Graphics) image optimising utility, is susceptible to a buffer overflow write issue triggered by a maliciously crafted png image, which could lead into denial of service or other issues.
For Debian 8 "Jessie", this problem has been fixed in version 2.3.0-1+deb8u1. We recommend that you upgrade your pngquant packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAl74jF5fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7 WEdSgg//dry52RjPkWBcJrFZi0Z19qiOkcS02RKfTy53QT0b9ILSSUO2n8whPQaJ pkNjHhMi+8aqZsW26gaFQrBxfUI5vRJEtmn3pionXU4toGXvV3o1W0gX3QrXE9OV UCWz5dgN4SLUFYkxo6TCEq64hi1FieiuvpD8b4SRv1QLqjp0OwhJdWJUcw2ZykRh hpyJ6E217dKqLcrjzB+tMcRdupazgQ1ZYIAmX84+nC8MjZDBLFN3olUoq4wtjj54 RRrsDITb1+ouCs+dG/zn4TV+e2IwcXUHDJmpWE1x5hMcdzg1P9iH1k90n6YfzKCT U1aXQCmWAu1MccqeHqi4TS9x9qdv5WpOpRU/wBiM3I0kPoTY5CzqQFounz/3ngm2 KUlziuGZJGX6ypNa0H6zhh6XRAybvdrLyC6Zi2bk806Yb9STk93Opwlp7pEaC8Cd MqMoVc9XqlIyhSCMomWju0Ej6K7q2NxyaSIAWmQFr1+VFaKxMqNY9fBi/3eZ8vXp eaq8tjWkN4xOSqdd0sovh+DQqP4vuusbOsRqqrFliUMHKQMZCoigLEcdCM8Qp/Ib awPOxKKfY9AkTS7LYi+IF+mMt3yg/rzxs6GmLgVgx9gzFw//wfTyVkl/suiS8ab0 rXv9Ex+5Q45KrpaZg214URUSzRuB6bDFzW6RQTXK0OkBoIviOhw= =3gva -----END PGP SIGNATURE-----
