DSA-4593-1 libfreeimage-dev -- libfreeimage-devID: oval:org.secpod.oval:def:61481 | Date: (C)2020-02-20 (M)2024-02-26 |
Class: PATCH | Family: unix |
It was found that libfreeimage-dev, a graphics library, was affected by the following two security issues: CVE-2019-12211 Heap buffer overflow caused by invalid memcpy in PluginTIFF. This flaw might be leveraged by remote attackers to trigger denial of service or any other unspecified impact via crafted TIFF data. CVE-2019-12213 Stack exhaustion caused by unwanted recursion in PluginTIFF. This flaw might be leveraged by remote attackers to trigger denial of service via crafted TIFF data.