Ubuntu Security Notice 1043-1 - It was discovered that a NULL pointer dereference in the code for handling transformations of monochrome profiles could allow an attacker to cause a denial of service through a specially crafted image.
c62d421109160a585ae86d275e76b940f16932fb458022649ae1182da46a022e
Mandriva Linux Security Advisory 2009-121 - Multiple security vulnerabilities has been identified and fixed in Little cms. This update provides fixes for these issues. Packages for 2008.0 are being provided due to extended support for Corporate products.
b1c96bf179cf7611ccb91e5558988d8123f8e22c2f03322a9e4e4aa0b1473f0c
Mandriva Linux Security Advisory 2009-162 - Multiple security vulnerabilities has been identified and fixed in Little cms library embedded in OpenJDK.
12c90d8e3f3b2b5d0ac1ba6b038027034171284bb4adfe356ea434f21d413ac8
Mandriva Linux Security Advisory 2009-137 - Multiple security vulnerabilities has been identified and fixed in Little cms library embedded in OpenJDK. This update provides fixes for these issues. java-1.6.0-openjdk requires rhino packages and these has been further updated.
f4b765dd3a8d255bd547e542daffc7433c55b00e65db844ce078a2a85ed532c1
Mandriva Linux Security Advisory 2009-121 - Multiple security vulnerabilities has been identified and fixed in Little CMS. A memory leak flaw allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted image file. Multiple integer overflows allow remote attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow. Multiple stack-based buffer overflows allow remote attackers to execute arbitrary code via a crafted image file associated with a large integer value for the (1) input or (2) output channel. A flaw in the transformations of monochrome profiles allows remote attackers to cause denial of service triggered by a NULL pointer dereference via a crafted image file. This update provides fixes for these issues.
128b2e6b39bb8559db988ef3a065a0a1f8e056209cbe8d7fa77bda7e09b9db5f
Gentoo Linux Security Advisory GLSA 200904-19 - Multiple errors in LittleCMS allow for attacks including the remote execution of arbitrary code. RedHat reported a null-pointer dereference flaw while processing monochrome ICC profiles. Chris Evans also discovered memory leaks, integer overflows, and stack-based overflows. Versions less than 1.18-r1 are affected.
e3539824a2eae5dbe90fe0fb63225c5786d23d1f68b49df72ee7465b5d262ae5
Debian Security Advisory 1769-1 - Several vulnerabilities have been identified in OpenJDK, an implementation of the Java SE platform.
cd608fa6c076345b0a874fdfd34d8a9d0ee02a13f6ebd86be7fb0feca8715eb6