GLSA-201708-09 : AutoTrace: Multiple vulnerabilities
High Nessus Plugin ID 102798
SynopsisThe remote Gentoo host is missing one or more security-related patches.
DescriptionThe remote host is affected by the vulnerability described in GLSA-201708-09 (AutoTrace: Multiple vulnerabilities)
Heap-based buffer overflows have been discovered in the pstoedit_suffix_table_init and pnm_load_rawpbm functions of AutoTrace.
Remote attackers, by enticing a user to process a crafted bmp image file, could cause a Denial of Service condition.
There is no known workaround at this time.
SolutionGentoo has discontinued support for AutoTrace. We recommend that users unmerge AutoTrace:
# emerge --unmerge 'media-gfx/autotrace'