On Tue, 2010-08-31 at 18:08 +0200, Moritz Muehlenhoff wrote: > On Tue, Aug 24, 2010 at 08:03:05AM +0200, Florian Weimer wrote: > > Package: libgdiplus > > Tags: security > > > > Vulnerabilities have been discoverd in libgdiplus. Here is the > > summary from Secunia's advisory: > > > > | Secunia Research has discovered three vulnerabilities in libgdiplus > > | for Mono, which can be exploited by malicious people to compromise an > > | application using the library. > > | > > | 1) An integer overflow error within the "gdip_load_tiff_image()" > > | function in src/tiffcodec.c can be exploited to cause a heap-based > > | buffer overflow by e.g. processing specially crafted TIFF images in > > | an application using the library. > > | > > | 2) An integer overflow error within the > > | "gdip_load_jpeg_image_internal()" function in src/jpegcodec.c can be > > | exploited to cause a heap-based buffer overflow by e.g. processing > > | specially crafted JPEG images in an application using the library. > > | > > | 3) An integer overflow error within the "gdip_read_bmp_image()" > > | function in src/bmpcodec.c can be exploited to cause a heap-based > > | buffer overflow by e.g. processing specially crafted BMP images in an > > | application using the library. > > > > <http://article.gmane.org/gmane.comp.security.bugtraq/44343> > > > > This should probably be fixed in a point release for lenny. > > Debian Mono maintainers, can you fix this in a point update? I've uploaded 1.9-1+lenny1, which will be sat in the queue. The fix for lenny is the same upstream patch as for experimental, taken from their git repository.
Attachment:
signature.asc
Description: This is a digitally signed message part