Recent testing discovered quite many failing tools in netpbm package on RHEL5. We should rebase to the latest version to cover all these issues. For more details see the bug 476864, bug 476867 and fedora bug 476989.
+1 for it. The old netpbm contains old and vulnerable libjasper. Given that a lot of work has been done upstream with regards to implement a secure API for safe allocations and lots of utilities were updated to use the secure API I'm all for the rebase. On the other hand upstream changed release policy and we get netpbm from their stable branch, not latest one. So the rebase could be safe with minimal regression risk.
This request was evaluated by Red Hat Product Management for inclusion, but this component is not scheduled to be updated in the current Red Hat Enterprise Linux release. If you would like this request to be reviewed for the next minor release, ask your support representative to set the next rhel-x.y flag to "?".
Release note added. If any revisions are required, please set the "requires_release_notes" flag to "?" and edit the "Release Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. New Contents: The netpbm package has been updated to fix the following bugs: * Several utilities shipped with netpbm did not accept files from standard input even though this method was in accordance with documentation. With this update, this issue has been resolved. * Several utilities shipped with netpbm may have crashed during processing of image files. With this update, this issue has been resolved.
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2009-1268.html