Debian Security Advisory DSA 1144-1 (chmlib)

Summary
The remote host is missing an update to chmlib announced via advisory DSA 1144-1. It was discovered that one of the utilities shipped with chmlib, a library for dealing with Microsoft CHM files, performs insufficient sanitising of filenames, which might lead to directory traversal.
Solution
For the stable distribution (sarge) this problem has been fixed in version 0.35-6sarge3. For the unstable distribution (sid) this problem has been fixed in version 0.38-1. We recommend that you upgrade your chmlib-bin package. https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201144-1