Package : lcms2 Version : 2.6-3+deb8u2 CVE ID : CVE-2018-16435 Debian Bug : #907983
It was discovered that there was an integer overflow vulnerability in the "Little CMS 2" colour management library. A specially-crafted input file could lead to a heap-based buffer overflow.
For Debian 8 "Jessie", this issue has been fixed in lcms2 version 2.6-3+deb8u2.
We recommend that you upgrade your lcms2 packages.
,''`. : :' : Chris Lamb `. `'` firstname.lastname@example.org / chris-lamb.co.uk `-