Mandriva Linux Security Advisory : SDL_image (MDVSA-2008:040)
Critical Nessus Plugin ID 36980
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionThe LWZReadByte() and IMG_LoadLBM_RW() functions in SDL_image contain a boundary error that could be triggered to cause a static buffer overflow and a heap-based buffer overflow. If a user using an application linked against the SDL_image library were to open a carefully crafted GIF or IFF ILBM file, the application could crash or possibly allow for the execution of arbitrary code.
The updated packages have been patched to correct this issue.
SolutionUpdate the affected packages.