Debian 10225 Published by

A zbar security update has been released for Debian GNU/Linux 9 Extended LTS to address a heap-based buffer overflow existed in the qr_reader_match_centers function.



ELA-1013-1 zbar security update

Package : zbar
Version : 0.10+doc-10.1+deb9u1 (stretch)

Related CVEs :
CVE-2023-40889

Zbar, a barcode scanner application, was vulnerable. A heap-based buffer overflow existed
in the qr_reader_match_centers function.
Specially crafted QR codes may lead to information disclosure
and/or arbitrary code execution. To trigger this
vulnerability, an attacker can digitally input the
malicious QR code, or prepare it to be physically scanned
by the vulnerable scanner.

ELA-1013-1 zbar security update