Debian Security Advisory DSA 069-1 (xloadimage)

The remote host is missing an update to xloadimage announced via advisory DSA 069-1.
The version of xloadimage (a graphics files viewer for X) that was shipped in Debian GNU/Linux 2.2 has a buffer overflow in the code that handles FACES format images. This could be exploited by an attacker by tricking someone into viewing a specially crafted image using xloadimage which would allow him to execute arbitrary code. This problem was fixed in version 4.1-5potato1.