ELA-524-1 gmp security update

segmentation fault

2021-11-30
Packagegmp
Version2:6.0.0+dfsg-6+deb8u1
Related CVEs CVE-2021-43618

GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms.

For Debian 8 jessie, these problems have been fixed in version 2:6.0.0+dfsg-6+deb8u1.

We recommend that you upgrade your gmp packages.

Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/