freeimage ships outdated copies of libpng and libtiff which are vulnerable to the following security issues:
libpng 1.0.6 through 1.0.32, 1.2.0 through 1.2.26, and 1.4.0beta01
through 1.4.0beta19 allows context-dependent attackers to cause a
denial of service (crash) and possibly execute arbitrary code via a
PNG file with zero length "unknown" chunks, which trigger an access
of uninitialized memory.
Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat,
and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in
LibTIFF 3.8.2 and earlier allow context-dependent attackers to
execute arbitrary code via a crafted TIFF file, related to improper
handling of the CODE_CLEAR code.
Multiple off-by-one errors in libpng before 1.2.32beta01, and 1.4
before 1.4.0beta34, allow context-dependent attackers to cause a
denial of service (crash) or have unspecified other impact via a PNG
image with crafted zTXt chunks, related to (1) the png_push_read_zTXt
function in pngread.c, and possibly related to (2) pngtest.c.
The png_check_keyword function in pngwutil.c in libpng before 1.0.42,
and 1.2.x before 1.2.34, might allow context-dependent attackers to
set the value of an arbitrary memory location to zero via vectors
involving creation of crafted PNG files with keywords, related to an
implicit cast of the '\0' character constant to a NULL pointer.
NOTE: some sources incorrectly report this as a double free
The PNG reference library (aka libpng) before 1.0.43, and 1.2.x
before 1.2.35, as used in pngcrush and other applications, allows
context-dependent attackers to cause a denial of service (application
crash) or possibly execute arbitrary code via a crafted PNG file that
triggers a free of an uninitialized pointer in (1) the png_read_png
function, (2) pCAL chunk handling, or (3) setup of 16-bit gamma
Memory leak in the png_handle_tEXt function in pngrutil.c in libpng
before 1.2.33 rc02 and 1.4.0 beta36 allows context-dependent
attackers to cause a denial of service (memory exhaustion) via a
crafted PNG file.
See also bug 234080, bug 259578, bug 255231, bug 244808, bug 244808, bug 237175.
New Version seems to have updated the libraries:
"The library has been updated with the new libtiff (3.9.0), libpng (1.2.35) and OpenJPEG (1.3.0) "
*** Bug 300601 has been marked as a duplicate of this bug. ***
(In reply to comment #4)
> removed media-libs/freeimage
The package is no longer in the tree. Should we make the decision about GLSA for users who might still have it installed on their systems?
Gone for over a year, closing noglsa, feel free to reopen.