| Description: | It was discovered that CamlImages, an open source image processing library, suffers from several integer overflows, which may lead to a potentially exploitable heap overflow and result in arbitrary code execution. This advisory addresses issues with the reading of TIFF files. It also expands the patch for CVE-2009-2660 to cover another potential overflow in the processing of JPEG images. For the oldstable distribution, this problem has been fixed in version 2.20-8+etch3. For the stable distribution, this problem has been fixed in version 1:2.2.0-4+lenny3. For the testing distribution and the unstable distribution, this problem will be fixed soon. We recommend that you upgrade your camlimages package. |