CVE-2010-0829 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0829): Multiple array index errors in set.c in dvipng 1.11 and 1.12, and teTeX, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed DVI file.
Arch teams, please stabilise dvipng-1.13.
Stable for HPPA.
amd64 stable.
x86 stable
alpha/arm/ia64/s390/sh/sparc stable
Stable for PPC.
ppc64 done; closing as last arch
didnt mean to close; sorry sec guys
Vulnerable dvipng-1.12-r1 removed. All arches stable, so changing whiteboard status.
Thank you all. Remove tex herd from CC, as its nothing to do here anymore.
This issue was resolved and addressed in GLSA 201412-08 at http://security.gentoo.org/glsa/glsa-201412-08.xml by GLSA coordinator Sean Amoss (ackle).