USN published
freeimage (3.17.0+ds1-5+deb9u1build0.18.04.1) bionic-security; urgency=medium * fake sync from Debian freeimage (3.17.0+ds1-5+deb9u1) stretch-security; urgency=high * Non-maintainer upload by the Security Team. * CVE-2019-12213: stack exhaustion caused by unwanted recursion in ReadThumbnail (Closes: #929597). * CVE-2019-12211: heap buffer overflow caused by invalid memcpy in PluginTIFF. -- Eduardo Barretto <email address hidden> Mon, 14 Sep 2020 13:39:37 -0300