Bug#535909: camlimages: CVE-2009-2295 several integer overflows
On Sun, Jul 05, 2009 at 07:38:51PM -0400, Michael S. Gilbert wrote:
> package: camlimages
> version: 2.20-8
> severity: serious
> tags: security
> camlimages is vulnerable to several integer overflows . this has
> not yet been fixed upstream, but has been addressed by redhat .
>  http://www.ocert.org/advisories/ocert-2009-009.html
>  https://bugzilla.redhat.com/show_bug.cgi?id=509531
Patch has already been applied for sid version (3.0.1-2), migration to
lenny is blocked by current OCaml 3.11.1 transition.
We need to patch lenny (2.2.0-4), but you seems to use etch (2.20-8).
Sylvain Le Gall