ELA-1200-1 libgsf security update

integer overflows

2024-10-07
Packagelibgsf
Version1.14.41-1+deb9u1 (stretch), 1.14.45-1+deb10u1 (buster)
Related CVEs CVE-2024-36474 CVE-2024-42415


Integer overflows have been fixed in libgsf, the GNOME Project G Structured File Library.

CVE-2024-36474

directory integer overflow

CVE-2024-42415

sector allocation table integer overflow


For Debian 10 buster, these problems have been fixed in version 1.14.45-1+deb10u1.

For Debian 9 stretch, these problems have been fixed in version 1.14.41-1+deb9u1.

We recommend that you upgrade your libgsf packages.

Further information about Extended LTS security advisories can be found in the dedicated section of our website.