-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2020.1902
                       sane-backends security update
                                1 June 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           sane-backends
Publisher:         Debian
Operating System:  Debian GNU/Linux 8
Impact/Access:     Denial of Service -- Unknown/Unspecified
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-12867  

Original Bulletin: 
   https://lists.debian.org/debian-lts-announce/2020/05/msg00036.html

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : sane-backends
Version        : 1.0.24-8+deb8u3
CVE ID         : CVE-2020-12867
Debian Bug     : 961302


Remote denial of service and several memory
management issues were fixed in the epson2 driver.

For Debian 8 "Jessie", this problem has been fixed in version
1.0.24-8+deb8u3.

We recommend that you upgrade your sane-backends packages
if you are using the epson2 driver.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

- -----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAl7UH5cACgkQiNJCh6LY
mLE+ShAAiNchtUfRPx7fQUCvC/imHHRAYBit3MXWNBVoAyK/K08TkUs8biCVBdI4
UeNG5DjSPDlk0XcWL7hjIeC9BzMzJfOR3ZK2kXkCwIB9irk+RroYelEoYe31Nm/G
Aae/ZPL8No/xgduGHKAF+hRrfP/qa/Z4RLPYximPIgd5Tltu9wYuSd5Vow12rdxb
B2Lg5sy2BdnPB8qXxsGoKN8Mc5f8evFbLUpdOPdj4fdGaGA7A0DF2xKxL/KKXZVv
t0BHdTubPdCPQk6HW9rUkZOOOycQY46NE+FHJX5aQStSIXp+fMXQVWqS+kgntUai
5lmc9eG9UaSa2iZzye3W8A4gxwnFmYqn4nxGQnEow4vUtLcYKxiveAHn0+sz6XMn
XGtOscRoo00PecNv1LJGe0gnOsfwMFsXbkKDWHXmTRfnqjS0HZefHB6Z8pcDJSku
0FyxpX8sLAW8xMQtDhn/CYAGEdIn/KfSuH3kBShmPteF8dPI+x05sbjQ9aCm7o9G
cG0mnqmeyl+YWB/a22ZcQIeTsHv3/6KLVhxLzwRMcmWw54CouwU5mA8JdYJYCFb+
h/egLzMhkVLCXl77zC2sArhkzUnixjE9HPSnO+Koqy8ajhh7CLbtTzuszlQkt70r
COuLxTDLGf7kTznzv79w0R66Y3Y+DBaMXws7STyLkm3SJVGmw4s=
=hRkM
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBXtRj4ONLKJtyKPYoAQgFpBAAl8yQhziBruxtLEjN1WwqHEkyn35dnn40
NtEJHhmaFIbnEqtl/gE5Z/g4nImHs8F3LyvBZoQe1fG5mhd8Hd5ERXmlhQJLXfef
33EXsocilJXv2OIF3H25uXb2DV67yQkpu2KlNHnU3JLaEKwtrg9xjbMAgSkSoROa
rduEsDe1P3LpXnl8U0dc8YjglpAmmd1JWCuJoKojpDTqpWpkCNpz78OEnEch4sd6
asXdtq8V5UZF9/CAt8qoTrHTEpxlr6En41WHqAFaisxn1EObjQ5DJfO9NEWfh4n1
qX1U67GXduEsRg9FPUyeP+sn9YXFbTJZDo33xb0okFPk5xIXYE6dwlEkFA+inmBE
CD1WK2BOzqOHZ4R83Ypk+fOoT393FSUYdMrodOB1/6tjtj3qvHBavN7FFXepvCGl
y73tTBkmwkxPwVxB+mVd4R6KatFOyu91G+S1XTfg6xMp4OKPAfd7OOYFRp7dih6Z
Bjr7kPpa/NHuIXV8oDyyBM4m0UIzMtibKDcO7uYZba5kSei8/YyLGGhpgehfpob9
7w4DxcJ2hbPWWWU5/8ryO7LaHKWIYU4HFLx5aezdfOyJLqEXg3K1SZrF5wnzCBDD
oLUxzCWQv4kCX8wKwI5lzOxCapsZTagSFVfnMd29ZmPjsbwln9E6uQIrzCAM9f1K
tHJbis00DNQ=
=ZzN4
-----END PGP SIGNATURE-----