Package | shadow |
---|---|
Version | 1:4.2-3+deb8u5 |
Related CVEs | CVE-2017-12424 CVE-2018-7169 |
CVE-2017-12424
It was discovered that shadow incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a crash or
expose sensitive information.
CVE-2018-7169
It was discovered that shadow incorrectly handled certain inputs.
An attacker could possibly use this issue to expose sensitive
information.
For Debian 8 jessie, these problems have been fixed in version 1:4.2-3+deb8u5.
We recommend that you upgrade your shadow packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.