Synopsis: Moderate: lcms security update Issue date: 2009-01-07 CVE Names: CVE-2008-5316 CVE-2008-5317 Multiple insufficient input validation flaws were discovered in LittleCMS. An attacker could use these flaws to create a specially-crafted image file which could cause an application using LittleCMS to crash, or, possibly, execute arbitrary code when opened. (CVE-2008-5316, CVE-2008-5317) SL 5.x SRPMS: lcms-1.15-1.2.2.el5_2.2.src.rpm i386: lcms-1.15-1.2.2.el5_2.2.i386.rpm lcms-devel-1.15-1.2.2.el5_2.2.i386.rpm python-lcms-1.15-1.2.2.el5_2.2.i386.rpm x86_64: lcms-1.15-1.2.2.el5_2.2.i386.rpm lcms-1.15-1.2.2.el5_2.2.x86_64.rpm lcms-devel-1.15-1.2.2.el5_2.2.i386.rpm lcms-devel-1.15-1.2.2.el5_2.2.x86_64.rpm python-lcms-1.15-1.2.2.el5_2.2.x86_64.rpm -Connie Sieh -Troy Dawson