Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Debian Security Advisory DSA 107-1 (jgroff)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
The remote host is missing an update to jgroff announced via advisory DSA 107-1.
Insight
Insight
Basically, this is the same Security Advisory as DSA 072-1, but for jgroff instead of groff. The package jgroff contains a version derived from groff that has japaneze character sets enabled. This package is available only in the stable release of Debian, patches for japanese support have been merged into the main groff package. The old advisory said: Zenith Parse found a security problem in groff (the GNU version of troff). The pic command was vulnerable to a printf format attack which made it possible to circumvent the `-S' option and execute arbitrary code.
Solution
Solution
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20107-1