[Debian-astro-maintainers] Bug#892458: Security: please consider upgrade to 3.43(0)
Ole Streicher
olebole at debian.org
Fri Mar 9 08:56:39 UTC 2018
Package: cfitsio
Version: 3.420-3
Severity: grave
Tags: security
Hi,
a new version of cfitsio just came out, accompanied with the following
notice from upstream:
The NASA security team requires the following warning to all users of
CFITSIO:
=====
The CFITSIO open source software project contains vulnerabilities
that could allow a remote, unauthenticated attacker to take control
of a server running the CFITSIO software. These vulnerabilities
affect all servers and products running the CFITSIO software.
The CFITSIO team has released software updates to address these
vulnerabilities. There are no workarounds to address these
vulnerabilities. In all cases, the CFITSIO team is recommending an
immediate update to resolve the issues.
=====
I didn't check the specific problem, but it may be important to upgrade.
Best regards
Ole
More information about the Debian-astro-maintainers
mailing list