-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : sam2p Version : 0.49.1-1+deb7u2 CVE ID : CVE-2017-16663
It was discovered that sam2p, a utility to convert raster images and other image formats, was affected by an integer overflow vulnerability with resultant heap-based buffer overflow in input-bmp.ci because width and height multiplications occur unsafely. This may lead to an application crash or unspecified other impact when a maliciously crafted file is processed. For Debian 7 "Wheezy", these problems have been fixed in version 0.49.1-1+deb7u2. We recommend that you upgrade your sam2p packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAloVyoBfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7 UeTzTxAAzZ9uL4NQ7sEB6PekiP+u3kepzQyWqpct5X8Um2LtWB8jPYhF+dlze5Mq ZQVgRR/sqG3e1V5DBU/oCtbIz9dGRyew/K88zlDJb/mv92BhwPbOZn0hgdrE1Mn5 oMShpwhtICmM3+EhgIL84z2bla01x2iYCU09oo7Q8/KXBggNLr5TXaN2Qc56pNeD wT1HUBGvSwB9Evxn1Sv9AeQY2vIe43ArlMIojJI5LoPOzCy+q9B/C6AvvwWusAfS IvUW4sdXN6Gsgh2cgeRieKqnWD+9Sj3sSlQq67nD9aigk3MhrHOGCHcPlYR3pqWd /ONpzXG8SWhm4/0/0EGveGvZ+8KMtAdJSSihhqS2ZF7sYWQS4NaA7/Fev3baz49t G1puuWe04Jtatc6zmZ9pplXTJWpHXyrnSbSqGRTadeU3c3k3qIrI/3ESu1jA6QdY KXtB9bi7/mT4cbYU2i4l5w0f3mNRNTDKgBp7wdzHEWuu9ov0fKdYHVicxJmvwJqA kdVUEV2fyFexCFrFn+YcMIb7DZOYHAulL8F6Pdi9C4xwBkvXqUy/9o6Y8BSDiNjs 6RUQw34DAo9euYVaYkwXZGL58XbifFzTrr/nQWSK45ic/FoGQqUqBpsKXQUuBC76 yJQmOAwt4aUl9//0ptz8CtiQoTulOVBzdYQKXPRddfPODBZHOBQ= =yFdP -----END PGP SIGNATURE-----
