[SECURITY] [DSA 3537-1] imlib2 security update

2016-03-31T10:44:04
ID DEBIAN:DSA-3537-1:66D2D
Type debian
Reporter Debian
Modified 2016-03-31T10:44:04

Description


Debian Security Advisory DSA-3537-1 security@debian.org https://www.debian.org/security/ Sebastien Delafond March 31, 2016 https://www.debian.org/security/faq


Package : imlib2 CVE ID : CVE-2014-9762 CVE-2014-9763 CVE-2014-9764

Several vulnerabilities were discovered in imlib2, an image manipulation library.

CVE-2014-9762

A segmentation fault could occur when opening GIFs without a
colormap.

CVE-2014-9763

Several divisions by zero, resulting in a program crash, could
occur when handling PNM files.

CVE-2014-9764

A segmentation fault could occur when opening GIFs with feh.

For the oldstable distribution (wheezy), these problems have been fixed in version 1.4.5-1+deb7u1.

For the stable distribution (jessie), these problems have been fixed in version 1.4.6-2+deb8u1.

For the testing (stretch) and unstable (sid) distributions, these problems have been fixed in version 1.4.7-1.

We recommend that you upgrade your imlib2 packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org