Package: tk8.3
Severity: grave
Tags: security

Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for tk8.3.

CVE-2007-5378[0]:
| Buffer overflow in the FileReadGIF function in tkImgGIF.c for Tk
| Toolkit 8.4.12 and earlier, and 8.3.5 and earlier, allows
| user-assisted attackers to cause a denial of service (segmentation
| fault) via an animated GIF in which the first subimage is smaller than
| a subsequent subimage, which triggers the overflow in the ReadImage
| function, a different vulnerability than CVE-2007-5137.

If you fix this vulnerability please also include the CVE id
in your changelog entry.

This bug is fixed in the 8.4 package in unstable and testing 
but not in etch.

For further information:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5378

Kind regards
Nico

-- 
Nico Golde - http://ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
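
Added example, not part of the original report and not Tk's own code: a Python triage check that walks a GIF's image descriptors and flags any subimage wider or taller than the first one, the condition the CVE description names. Reading "smaller" as smaller in width or height is an assumption; make_sample is a hypothetical helper that builds constructed input with dummy frame data.

```python
import struct

def _skip_sub_blocks(data, pos):
    # Data sub-blocks: <size><size bytes>... ended by a zero size byte.
    while data[pos] != 0:
        pos += 1 + data[pos]
    return pos + 1

def gif_frame_sizes(data):
    """Return [(width, height), ...] for each image descriptor in a GIF."""
    if data[:6] not in (b"GIF87a", b"GIF89a"):
        raise ValueError("not a GIF")
    frames = []
    try:
        pos = 13                               # header + logical screen descriptor
        if data[10] & 0x80:                    # global colour table present
            pos += 3 * (2 << (data[10] & 7))
        while data[pos] != 0x3B:               # 0x3B = trailer
            block, pos = data[pos], pos + 1
            if block == 0x21:                  # extension: label, then sub-blocks
                pos = _skip_sub_blocks(data, pos + 1)
            elif block == 0x2C:                # image descriptor
                _x, _y, w, h, packed = struct.unpack_from("<HHHHB", data, pos)
                pos += 9
                if packed & 0x80:              # local colour table present
                    pos += 3 * (2 << (packed & 7))
                frames.append((w, h))
                pos = _skip_sub_blocks(data, pos + 1)   # +1 skips LZW code size
            else:
                raise ValueError("unknown block 0x%02x" % block)
    except (IndexError, struct.error):
        raise ValueError("truncated GIF") from None
    return frames

def oversized_frames(data):
    """Return [(index, (w, h))] for later frames larger than the first frame."""
    frames = gif_frame_sizes(data)
    return [(i, f) for i, f in enumerate(frames)
            if i > 0 and (f[0] > frames[0][0] or f[1] > frames[0][1])]

def make_sample(sizes):
    """Constructed input: each frame carries one dummy sub-block, not real pixels."""
    out = b"GIF89a" + struct.pack("<HHBBB", sizes[0][0], sizes[0][1], 0, 0, 0)
    for w, h in sizes:
        out += b"\x2c" + struct.pack("<HHHHB", 0, 0, w, h, 0) + b"\x02\x01\x00\x00"
    return out + b"\x3b"

if __name__ == "__main__":
    print(oversized_frames(make_sample([(4, 4), (8, 8)])))
```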
