Stefan Cornelius discovered a vulnerability in the Radiance High Dynamic Range (HDR) image parser in Blender, a 3D modelling application. The weakness could enable a stack-based buffer overflow and the execution of arbitrary code if a maliciously-crafted HDR file is opened, or if a directory containing such a file is browsed via Blender's image-open dialog. For the stable distribution (etch), these problems have been fixed in version 2.42a-7.1+etch1. For the unstable distribution (sid), these problems have been fixed in version 2.45-5. We recommend that you upgrade your blender packages.
Stefan Cornelius discovered a vulnerability in the Radiance High Dynamic Range (HDR) image parser in Blender, a 3D modelling application. The weakness could enable a stack-based buffer overflow and the execution of arbitrary code if a maliciously-crafted HDR file is opened, or if a directory containing such a file is browsed via Blender's image-open dialog.
For the stable distribution (etch), these problems have been fixed in version 2.42a-7.1+etch4.
For the unstable distribution (sid), these problems have been fixed in version 2.45-5.
We recommend that you upgrade your blender packages.
MD5 checksums of the listed files are available in the original advisory.