Debian Security Advisory DSA 890-1 (libungif4)

The remote host is missing an update to libungif4 announced via advisory DSA 890-1. Chris Evans discovered several security related problems in libungif4, a shared library for GIF images. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities: CVE-2005-2974 Null pointer dereference, that could cause a denial of service. CVE-2005-3350 Out of bounds memory access that could cause a denial of service or the execution of arbitrary code. For the old stable distribution (woody) these problems have been fixed in version 4.1.0b1-2woody1.

For the stable distribution (sarge) these problems have been fixed in version 4.1.3-2sarge1. For the unstable distribution (sid) these problems will be fixed soon. We recommend that you upgrade your libungif4 packages. https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20890-1