Package: ghostscript Severity: grave Tags: security patch Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for ghostscript.
CVE-2007-2721[0]: | The jpc_qcx_getcompparms function in jpc/jpc_cs.c for the JasPer | JPEG-2000 library (libjasper) before 1.900 allows remote user-assisted | attackers to cause a denial of service (crash) and possibly corrupt | the heap via malformed image files, as originally demonstrated using | imagemagick convert. If you fix this vulnerability please also include the CVE id in your changelog entry. This vulnerability is present in the embedded copy of jasper. See patch on: http://ghostscript.com/pipermail/gs-cvs/2007-October/007877.html For further information: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2721 Kind regards Nico -- Nico Golde - http://ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
pgpDBGBzfOg3a.pgp
Description: PGP signature
