freeimage ships outdated copies of libpng and libtiff which are vulnerable to the following security issues: CVE-2008-1382 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1382): libpng 1.0.6 through 1.0.32, 1.2.0 through 1.2.26, and 1.4.0beta01 through 1.4.0beta19 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PNG file with zero length "unknown" chunks, which trigger an access of uninitialized memory. CVE-2008-2327 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2327): Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODE_CLEAR code. CVE-2008-3964 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3964): Multiple off-by-one errors in libpng before 1.2.32beta01, and 1.4 before 1.4.0beta34, allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a PNG image with crafted zTXt chunks, related to (1) the png_push_read_zTXt function in pngread.c, and possibly related to (2) pngtest.c. CVE-2008-5907 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5907): The png_check_keyword function in pngwutil.c in libpng before 1.0.42, and 1.2.x before 1.2.34, might allow context-dependent attackers to set the value of an arbitrary memory location to zero via vectors involving creation of crafted PNG files with keywords, related to an implicit cast of the '\0' character constant to a NULL pointer. NOTE: some sources incorrectly report this as a double free vulnerability. CVE-2009-0040 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0040): The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before 1.2.35, as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file that triggers a free of an uninitialized pointer in (1) the png_read_png function, (2) pCAL chunk handling, or (3) setup of 16-bit gamma tables.
CVE-2008-6218 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-6218): Memory leak in the png_handle_tEXt function in pngrutil.c in libpng before 1.2.33 rc02 and 1.4.0 beta36 allows context-dependent attackers to cause a denial of service (memory exhaustion) via a crafted PNG file.
See also bug 234080, bug 259578, bug 255231, bug 244808, bug 244808, bug 237175.
New Version seems to have updated the libraries: http://freeimage.sourceforge.net/news.html "The library has been updated with the new libtiff (3.9.0), libpng (1.2.35) and OpenJPEG (1.3.0) "
removed media-libs/freeimage
*** Bug 300601 has been marked as a duplicate of this bug. ***
(In reply to comment #4) > removed media-libs/freeimage The package is no longer in the tree. Should we make the decision about GLSA for users who might still have it installed on their systems?
Gone for over a year, closing noglsa, feel free to reopen.