Hi,

On Wed, 05 Oct 2016 15:07:41 +0200 Salvatore Bonaccorso
<car...@debian.org> wrote:
> Source: freeimage
> Version: 3.17.0+ds1-2
> Severity: grave
> Tags: security upstream
> Justification: user security hole
> 
> Hi,
> 
> the following vulnerability was published for freeimage.
> 
> CVE-2016-5684[0]:
> XMP Image Handling Code Execution Vulnerability
> 
> If you fix the vulnerability please also make sure to include the
> CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
> 
> For further information see:
> 
> [0] https://security-tracker.debian.org/tracker/CVE-2016-5684
> 
> Please adjust the affected versions in the BTS as needed. Only sid has
> been checked source wise in this case.

Jessie and Wheezy seem to be affected as well.

Cheers,
Balint

Reply via email to