This is not public until February 28th 2003 During an audit of the NetPBM library, Al Viro and Alan Cox found a number of bugs that are potentially exploitable. These bugs could be exploited by creating a carefully crafted image in such a way that it executes arbitrary code when it is processed by either an application from the netpbm-progs package or an application that uses the vulnerable netpbm library. One way that an attacker could exploit these vulnerabilities would be to submit a carefully crafted image to be printed, as the LPRng print spooler used by default in Red Hat Linux releases uses netpbm utilities to parse various types of image files.
errata RHSA-2003:061 in progress
This was released now, right?
An errata has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2003-061.html