Hello, On Sun, Jul 05, 2009 at 07:38:51PM -0400, Michael S. Gilbert wrote: > package: camlimages > version: 2.20-8 > severity: serious > tags: security > > hello, > > camlimages is vulnerable to several integer overflows [1]. this has > not yet been fixed upstream, but has been addressed by redhat [2]. > > [1] http://www.ocert.org/advisories/ocert-2009-009.html > [2] https://bugzilla.redhat.com/show_bug.cgi?id=509531 >
Patch has already been applied for sid version (3.0.1-2), migration to lenny is blocked by current OCaml 3.11.1 transition. We need to patch lenny (2.2.0-4), but you seems to use etch (2.20-8). Regards Sylvain Le Gall -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
