Debian 10260 Published by

Updated r-base packages has been released for Debian 7 LTS



Package : r-base
Version : 2.15.1-4+deb7u1
CVE ID : CVE-2016-8714
Debian Bug : #857466

An exploitable buffer overflow vulnerability exists in the
LoadEncoding functionality of the R programming language. A
specially crafted R script can cause a buffer overflow
resulting in a memory corruption. An attacker can send a
malicious R script to trigger this vulnerability.

For Debian 7 "Wheezy", this problem has been fixed in version
2.15.1-4+deb7u1.

We recommend that you upgrade your r-base packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
  R-base security update for Debian 7 LTS