Package: camlimages Severity: grave Tags: security -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for camlimages. CVE-2009-2660[0]: | Multiple integer overflows in CamlImages 2.2 might allow | context-dependent attackers to execute arbitrary code via images | containing large width and height values that trigger a heap-based | buffer overflow, related to (1) crafted GIF files (gifread.c) and (2) | crafted JPEG files (jpegread.c), a different vulnerability than | CVE-2009-2295. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2660 http://security-tracker.debian.net/tracker/CVE-2009-2660 Cheers, Giuseppe. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkp6ggEACgkQNxpp46476ar1/gCfc/keILkLon57EJQMFCRtSlB4 NxQAn0yvAYKn3Cmg6YUGr1bX10Ju+wa/ =4KlA -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
