Debian Security Advisory DSA 913-1 (gdk-pixbuf)

Summary
The remote host is missing an update to gdk-pixbuf announced via advisory DSA 913-1.
Solution
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20913-1
Insight
Several vulnerabilities have been found in gdk-pixbuf, the Gtk+ GdkPixBuf XPM image rendering library. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2005-2975 Ludwig Nussel discovered an infinite loop when processing XPM images that allows an attacker to cause a denial of service via a specially crafted XPM file. CVE-2005-2976 Ludwig Nussel discovered an integer overflow in the way XPM images are processed that could lead to the execution of arbitrary code or crash the application via a specially crafted XPM file. CVE-2005-3186 infamous41md discovered an integer in the XPM processing routine that can be used to execute arbitrary code via a traditional heap overflow. The following matrix explains which versions fix these problems: old stable (woody) stable (sarge) unstable (sid) gdk-pixbuf 0.17.0-2woody3 0.22.0-8.1 0.22.0-11 gtk+2.0 2.0.2-5woody3 2.6.4-3.1 2.6.10-2 We recommend that you upgrade your gdk-pixbuf packages.