An integer overflow vulnerability present in lcms2 may lead to a potential heap buffer overflow exploit. Users of Debian are advised to update their systems.
It was discovered that there was an integer overflow vulnerability in the "Little CMS 2" colour management library