Package: optipng Severity: grave Tags: security Hi,
The following SA (Secunia Advisory) id was published for Nagios. SA32651[1]: > A vulnerability has been reported in OptiPNG, which potentially can be > exploited by malicious people to compromise a user's system. > > The vulnerability is caused due to a boundary error in the BMP reader and > can be exploited to cause a buffer overflow by tricking a user into > processing a specially crafted file. > > Successful exploitation may allow execution of arbitrary code. > > The vulnerability is reported in versions prior to 0.6.2. If you fix the vulnerability please also make sure to include the SA id (or the CVE id when one is assigned) in the changelog entry. [1]http://secunia.com/Advisories/32651/ Cheers, -- Raphael Geissert - Debian Maintainer www.debian.org - get.debian.net
signature.asc
Description: This is a digitally signed message part.
