Package: xemacs21 Severity: serious Tags: security -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for xemacs21. CVE-2009-2688[0]: | Multiple integer overflows in glyphs-eimage.c in XEmacs 21.4.22, when | running on Windows, allow remote attackers to cause a denial of | service (crash) or execute arbitrary code via (1) the tiff_instantiate | function processing a crafted TIFF file, (2) the png_instantiate | function processing a crafted PNG file, and (3) the jpeg_instantiate | function processing a crafted JPEG file, all which trigger a | heap-based buffer overflow. NOTE: the provenance of this information | is unknown; the details are obtained solely from third party | information. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2688 http://security-tracker.debian.net/tracker/CVE-2009-2688 Cheers, Giuseppe. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkp9PPcACgkQNxpp46476aqzaACeKjCABw8TBGZ6nPtmlDEI6tud FpUAnR5JqAOfHPTSbpT4qVSiBpVqcxeJ =o4o4 -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org