Package: boson Version: 0.13-4+b1 Severity: important
Boson uses an embedded copy of lib3ds 1.3. This version of lib3ds is vulnerable to http://security-tracker.debian.org/tracker/CVE-2010-0280. I have not investigated the impact of this vulnerability and how it would be triggered by boson. The desired outcome is that the system wide library of lib3ds be used instead of the embedded copy.
