severity 533361 serious thanks Hi, this issue got a CVE id: CVE-2009-2175: | Stack-based buffer overflow in the flattenIncrementally function in | flatten.c in xcftools 1.0.4, as reachable from the (1) xcf2pnm and (2) | xcf2png utilities, allows remote attackers to cause a denial of | service (crash) and possibly execute arbitrary code via a crafted | image that causes a consersion to a location "above or to the left of | the canvas." NOTE: some of these details are obtained from third party | information. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. For further information see:  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2175 http://security-tracker.debian.net/tracker/CVE-2009-2175 Cheers, Giuseppe.
Description: OpenPGP digital signature