Bug#550440: advi: CVE-2009-2295 arbitrary code execution

To: submit@bugs.debian.org
Subject: Bug#550440: advi: CVE-2009-2295 arbitrary code execution
From: Michael S Gilbert <michael.s.gilbert@gmail.com>
Date: Sat, 10 Oct 2009 00:29:05 -0400
Message-id: <[🔎] 20091010002905.1e68b8d6.michael.s.gilbert@gmail.com>
Reply-to: Michael S Gilbert <michael.s.gilbert@gmail.com>, 550440@bugs.debian.org

Package: advi
Version: 1.6.0-12
Severity: serious
Tags: security

Hi,

The following CVE (Common Vulnerabilities & Exposures) id was
published for camlimages.  advi statically links to camlimages, so any
issues in that package are also applicable to advi.  There were already
updates to camlimages for etch an lenny, so advi just needs to be
relinked using those new versions.  Please coordinate these updates with
the security team.

CVE-2009-2295[0]:
| Multiple integer overflows in CamlImages 2.2 and earlier might allow
| context-dependent attackers to execute arbitrary code via a crafted
| PNG image with large width and height values that trigger a heap-based
| buffer overflow in the (1) read_png_file or (2) read_png_file_as_rgb24
| function.

If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.

For further information see:

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2295
    http://security-tracker.debian.net/tracker/CVE-2009-2295

Reply to:

Follow-Ups:
- Bug#550440: advi: CVE-2009-2295 arbitrary code execution
  - From: Mehdi Dogguy <mehdi@dogguy.org>

Prev by Date: Bug#550298: marked as done (ocaml-sha - FTBFS: ocamlfind: *.cmxa: No such file or directory)
Next by Date: Bug#550441: advi: statically links to camlimages
Previous by thread: ocaml-sha_1.5-4_i386.changes ACCEPTED
Next by thread: Bug#550440: advi: CVE-2009-2295 arbitrary code execution
Index(es):
- Date
- Thread