Package name
ocaml-camlimages
Date
2009-10-21
Advisory ID
MDVSA-2009:286
Affected versions
MES5 i586 , MES5 x86_64

Problem description

Multiple vulnerabilities has been found and corrected in
ocaml-camlimages:

Multiple integer overflows in CamlImages 2.2 and earlier might allow
context-dependent attackers to execute arbitrary code via a crafted
PNG image with large width and height values that trigger a heap-based
buffer overflow in the (1) read_png_file or (2) read_png_file_as_rgb24
function (CVE-2009-2295).

Multiple integer overflows in CamlImages 2.2 might allow
context-dependent attackers to execute arbitrary code via images
containing large width and height values that trigger a heap-based
buffer overflow, related to (1) crafted GIF files (gifread.c) and
(2) crafted JPEG files (jpegread.c), a different vulnerability than
CVE-2009-2295 (CVE-2009-2660).

Multiple integer overflows in tiffread.c in CamlImages 2.2 might allow
remote attackers to execute arbitrary code via TIFF images containing
large width and height values that trigger heap-based buffer overflows
(CVE-2009-3296).

This update fixes these vulnerabilities.

Updated packages

MES5 i586

 2e82da518bb4687524fe24129913de33  mes5/i586/ocaml-camlimages-2.20-13.1mdvmes5.i586.rpm
 16dbf053847c1f5198b2c4f8bf5470ee  mes5/i586/ocaml-camlimages-devel-2.20-13.1mdvmes5.i586.rpm 
 b2d32951983d38770ed111f9afc25ea9  mes5/SRPMS/ocaml-camlimages-2.20-13.1mdvmes5.src.rpm

MES5 x86_64

 5d937a20f8ec1347b870ccda4273f39f  mes5/x86_64/ocaml-camlimages-2.20-13.1mdvmes5.x86_64.rpm
 2349fd3eb0bd09cf565ca2f4b6417cf5  mes5/x86_64/ocaml-camlimages-devel-2.20-13.1mdvmes5.x86_64.rpm 
 b2d32951983d38770ed111f9afc25ea9  mes5/SRPMS/ocaml-camlimages-2.20-13.1mdvmes5.src.rpm

References