Stefan Cornelius of Secunia Research found insufficient
input sanitization in the way the DevIL image library used to process
Digital Imaging and Communications in Medicine (DICOM) images.
If a remote attacker could trick a local user into processing
a specially-crafted DICOM image in an application using
the DevIL image processing library, it could lead to
a stack-based buffer overflow and denial of service (application
Issue now public via:
DevIL-1.7.8-4.fc11 has been submitted as an update for Fedora 11.
DevIL-1.7.8-4.fc12 has been submitted as an update for Fedora 12.
DevIL-1.7.8-4.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report.
DevIL-1.7.8-4.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report.