Debian-LTS alert DLA-327-1 (freeimage)


From:
    	       Thorsten Alteholz <debian@alteholz.de> 
To:
    	       debian-lts-announce@lists.debian.org 
Subject:
    	       [SECURITY] [DLA 327-1] freeimage security update 
Date:
    	       Sun, 18 Oct 2015 18:16:43 +0200 (CEST)
Message-ID:
    	       <alpine.DEB.2.02.1510181814550.29625@jupiter.server.alteholz.net>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : freeimage
Version        : 3.10.0-4+deb6u1
CVE ID         : CVE-2015-0852

Multiple integer underflows in PluginPCX.cpp in FreeImage 3.17.0 and 
earlier allow remote attackers to cause a denial of service (heap memory 
corruption) via vectors related to the height and width of a window.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQJ8BAEBCgBmBQJWI8XrXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5
NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHb28P/0tw9nyDdtWq9m9FaBjAZF5b
j/eB0hQh1t7tPSzM51bLX1NKphdC8L42RfhfnrrR/J3Ws6jqAfvhBp9kUiDRcz0M
U8EtcpVDSn6nhrWVSYZ32h1JT+2w9v4TKd28IKRBTGdCmee13ew9oFlDrT2XBjcl
EFc9oBkvZ7h472rIBPFR3T0mPo1ZxpWhWWz0HjwQVVFpDzZk/eS2HjqBsh1da+tY
8UycfVbivRROBNL/g1r7jn9yOcXMvb0tEplo9NCrfT5jYJ29nuW/3CtH2yZbiHjf
+mVWyqzllcYZi7yvbwss88llxrlDhO0yzwqXRhrLJ1XHrxGd+IzxUvmo2CXHW/bw
H/ObNphmYD4vgokwiIf/1FlMvOmTYpN4RBYIxuzMqKuMW5+V7qqVXZtpDZf5PcAo
PxIVvtltKMZuOA2YiEf/UVArb9hd6kmgSHab3WGAtkiMAsYF1e0p5O8z9LuXID2a
n9hpIjH6x5VaVzXix1iaCv4ssndeQNn6TqVdIEvlHNVhB/o+GVta0g8YEjmxrSoa
1B7+Nia9oSO7oeMSK26Pb3m+80w654PIRn8UW9m/1EUoIenkDVVbQ83meBhW4nvA
9kX9YnW1ZUmTlsdhINVyefVa/BEBpgc2Dy2QAD4vgmV6o19S7i7nmGRhTJOfNySJ
09H2biM2/ceAjwQMex+F
=TQvG
-----END PGP SIGNATURE-----

From:		Thorsten Alteholz <debian@alteholz.de>
To:		debian-lts-announce@lists.debian.org
Subject:		[SECURITY] [DLA 327-1] freeimage security update
Date:		Sun, 18 Oct 2015 18:16:43 +0200 (CEST)
Message-ID:		<alpine.DEB.2.02.1510181814550.29625@jupiter.server.alteholz.net>