Debian DLA-344-1 : nspr security update
High Nessus Plugin ID 86952
SynopsisThe remote Debian host is missing a security update.
DescriptionGoogle security engineer Ryan Sleevi found a vulnerability in the NetScape Portable Runtime Library (NSPR). NSPR allocated memory without specific checks, making it possible for remote attackers to cause a Denial of Service or execute arbitrary code.
For Debian 6 'Squeeze', this issue have been fixed in nspr version 4.8.6-1+squeeze3. We recommend that you upgrade your nspr packages.
Learn more about the Debian Long Term Support (LTS) Project and how to apply these updates at: https://wiki.debian.org/LTS/
NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
SolutionUpgrade the affected packages.