apticron report [Wed, 04 Jul 2018 22:38:04 +0200] ======================================================================== apticron has detected that some packages need upgrading on: quigon.federez.net [ 160.228.155.65 ] The following packages are currently pending an upgrade: libexiv2-14 0.25-3.1+deb9u1 ======================================================================== Package Details: apt-listchanges : Lecture des fichiers de modifications (« changelog »)... apt-listchanges : journaux des modifications (« changelogs ») ------------------------------------------------------------- --- Modifications pour exiv2 (libexiv2-14) --- exiv2 (0.25-3.1+deb9u1) stretch-security; urgency=high * Non-maintainer upload by the Security Team. * CVE-2018-10958: denial of service through memory exhaustion and application crash by a crafted PNG image. * CVE-2018-10999: a heap-based buffer over-read via a crafted PNG image. * CVE-2018-10998: denial of service through memory exhaustion and application crash by a crafted image. * CVE-2018-11531: a heap-based buffer overflow and application crash by a crafted image. * CVE-2018-12264: integer overflow leading to out of bounds read by a crafted image. (Closes: #901707) * CVE-2018-12265: integer overflow leading to out of bounds read by a crafted image. (Closes: #901706) -- Roberto C. Sanchez <roberto(a)debian.org> Wed, 27 Jun 2018 08:09:36 -0400 ======================================================================== You can perform the upgrade by issuing the command: apt-get dist-upgrade as root on quigon.federez.net -- apticron