[SECURITY] [DLA 4449-1] zvbi security update

Sat, 24 Jan 2026 11:30:36 -0800 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4449-1                [email protected]
https://www.debian.org/lts/security/                    Thorsten Alteholz
January 24, 2026                              https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : zvbi
Version        : 0.2.35-18+deb11u1
CVE ID         : CVE-2025-2173 CVE-2025-2174 CVE-2025-2175 CVE-2025-2176
                 CVE-2025-2177
Several issues have been found in zvbi, a Vertical Blanking Interval decoder. CVE-2025-2173 is related to an uninitialized pointer in src/conv.c:: vbi_strndup_iconv_ucs2() The other issues are related to integer overflows in several functions distributed all over the code. 


For Debian 11 bullseye, these problems have been fixed in version
0.2.35-18+deb11u1.

We recommend that you upgrade your zvbi packages.

For the detailed security status of zvbi please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/zvbi

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAml1EWdfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
WEc1OQ//emjCVLwWmE0F61p0orDNob9kRNyPxQ9btz8lBGLLF6XbWaC8GJm7RzOH
hU2Uc38PWjd6SqtK3Wx6eIb3UdG9RchWyUbglhA8OXj+JrpmAqLLNMFy9BHxS76M
IBipWzGiWiEMD0R7fHPsUtVkwyDAmSB2HKFWsUmPLFpifr4rY5i/xWNLE+GasJIu
GNX+REEAXJNNUNUD/sEuVbNfdbBTBIITeTOl/HGpQIs5vYmprHb0XZWJ+1VxQiK8
22q0gBXzw1ciK8/Lahn8YneVH/y2T1pQUYe7A6yx+V7vU+dam+L1ZpNhqP9HBEAg
T2Kkt1Z68YFISEGy+yVjFlwlueDPhFg6kZC9MmRJ/onBjnevig3yd7IQ8h97Fjdr
NKoYbeT6tWfRDpN75au1N0MPWzTmTAiBjTLPXxbRFohcvvGjVwx4zS8jxGXLbGIp
ydo9rAJ8HRIjwraZteOPg+uoolvIBrboAVxGnwNI57c6L03CpH3sVyGXiPHX+bLe
fVaz/6iFFrr4+2OSSoFRquP9gjZu5twjM17o+wiyANbEu6Hl3/9HH0X9Rdd9xQqJ
FtGv0u2RIoedMYeMlbsh54oyBOrBkYPEmY+j2TKo1SjvH1v7Qxy5WvZeIGS5A3+R
pI+GgJf1o4FBNwQkIIZYhPxI8bC+FzoSTDpPmyJs+YbimV+ei0E=
=/quF
-----END PGP SIGNATURE-----

Reply via email to