Sean Larsson discovered several integer overflows in the processing
code for DICOM, PNM, PSD, RAS, XBM and XWD images, which might lead
to the execution of arbitrary code if a user is tricked into opening
such a malformed media file.
CVE-2007-2949
Stefan Cornelius discovered an integer overflow in the processing
code for PSD images, which might lead to the execution of arbitrary
code if a user is tricked into opening such a malformed media file.
For the oldstable distribution (sarge) these problems have been fixed in
version 2.2.6-1sarge4. Packages for mips and mipsel are not yet
available.
For the stable distribution (etch) these problems have been fixed
in version 2.2.13-1etch4. Packages for mips are not yet available.
For the unstable distribution (sid) these problems have been fixed in
version 2.2.17-1.
We recommend that you upgrade your gimp packages.
Upgrade Instructions
- --------------------wget url
will fetch the file for you
dpk...
Get the latest Linux and open source security news straight to your inbox.