CVE-2011-2896

NameCVE-2011-2896
DescriptionThe LZW decompressor in the LWZReadByte function in giftoppm.c in the ...
SourceCVE (at NVD; oss-sec, OSVDB, EDB, Red Hat, Ubuntu, Gentoo, SuSE, more)
ReferencesDSA-2354-1, DSA-2426-1
Debian Bugs643753
Debian/oldstablenot vulnerable.
Debian/stablenot vulnerable.
Debian/testingnot vulnerable.
Debian/unstablenot vulnerable.

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
cups (PTS)squeeze1.4.4-7+squeeze3fixed
squeeze (security)1.4.4-7+squeeze4fixed
wheezy1.5.3-5+deb7u1fixed
jessie, sid1.7.2-1fixed
gimp (PTS)squeeze, squeeze (security)2.6.10-1+squeeze4fixed
wheezy, wheezy (security)2.8.2-2+deb7u1fixed
jessie2.8.10-0.1fixed
sid2.8.10-1fixed

The information above is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
cupssource(unstable)1.5.0-8
cupssourcelenny1.3.8-1+lenny10DSA-2354-1
cupssourcesqueeze1.4.4-7+squeeze1DSA-2354-1
gimpsource(unstable)2.6.11-5643753
gimpsourcesqueeze2.6.10-1+squeeze3DSA-2426-1

Notes

There's more: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2896

Search for package or bug name: Reporting problems

Home - Testing Security Team - Debian Security - Source (SVN)