
A gsl security update has been released for Debian GNU/Linux 8 and 9 Extended LTS to address a buffer overflow.



ELA-952-1 gsl security update

Package : gsl
Version : 1.16+dfsg-2+deb8u1 (jessie), 2.3+dfsg-1+deb9u1 (stretch)

Related CVEs : CVE-2020-35357

A buffer overflow can occur when calculating the quantile value using the
Statistics Library of GSL (GNU Scientific Library). Processing
maliciously crafted input data with gsl_stats_quantile_from_sorted_data
may lead to unexpected application termination or arbitrary
code execution.
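
The advisory does not say which inputs trigger the overflow. The block below is an added example, not Debian's or upstream's patch: a caller-side guard for code that passes untrusted values to the quantile routine. `checked_quantile` is a hypothetical helper that applies the interpolation formula from the GSL manual and rejects arguments outside the documented contract (fraction between 0 and 1, non-empty array, non-zero stride).

```c
#include <math.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical helper, not a GSL function. Computes the quantile of sorted
   data as (1 - delta) * x[i] + delta * x[i+1], with i = floor((n - 1) * f),
   but validates every argument before it is used as an index.
   Returns 0 on success and -1 when the arguments are rejected. */
int checked_quantile(const double *sorted, size_t stride, size_t n,
                     double f, double *out)
{
    if (sorted == NULL || out == NULL || n == 0 || stride == 0)
        return -1;
    /* Written as !(in range) so that NaN, which fails every comparison,
       is rejected together with f < 0 and f > 1. */
    if (!(f >= 0.0 && f <= 1.0))
        return -1;
    /* The byte offset of the last element must not wrap around size_t. */
    if (n - 1 > SIZE_MAX / sizeof(double) / stride)
        return -1;

    double index = f * (double)(n - 1);
    size_t lhs = (size_t)index;            /* floor, because index >= 0 */

    /* Last element: nothing to interpolate with, and never read past it. */
    if (lhs >= n - 1) {
        *out = sorted[(n - 1) * stride];
        return 0;
    }
    double delta = index - (double)lhs;
    *out = (1.0 - delta) * sorted[lhs * stride]
         + delta * sorted[(lhs + 1) * stride];
    return 0;
}

int main(void)
{
    /* Constructed sample data, already sorted. */
    const double data[] = {1.0, 2.0, 3.0, 4.0, 5.0};
    const double fractions[] = {0.5, 1.0, 1.5, -0.1, NAN};

    for (size_t k = 0; k < sizeof fractions / sizeof fractions[0]; k++) {
        double q = 0.0;
        int rc = checked_quantile(data, 1, 5, fractions[k], &q);
        printf("f=%g rc=%d q=%g\n", fractions[k], rc, q);
    }
    return 0;
}
```
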
