The remote host is missing an update to xzgv announced via advisory DSA 1038-1. Andrea Barisani discovered that xzgv, a picture viewer for X with a thumbnail-based selector, attempts to decode JPEG images within the CMYK/YCCK colour space incorrectly, which could lead to the execution of arbitrary code. For the old stable distribution (woody) this problem has been fixed in version 0.7-6woody3.

For the stable distribution (sarge) this problem has been fixed in version 0.8-3sarge1. For the unstable distribution (sid) this problem will be fixed soon. We recommend that you upgrade your xzgv package. https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201038-1