(In reply to Mikhail Kasimov from comment #4) > (In reply to Denisart Benjamin from comment #3) > > Ok but can you attach a patch or at least a link to a commit ? > > 've written an email to FreeImage developer > (http://freeimage.sourceforge.net/contact.html). Waiting for his answer. UPD: https://security-tracker.debian.org/tracker/CVE-2016-5684 See "Note" section: http://freeimage.cvs.sourceforge.net/viewvc/freeimage/FreeImage/Source/FreeImage/PluginXPM.cpp?r1=1.17&r2=1.18 http://freeimage.cvs.sourceforge.net/viewvc/freeimage/FreeImage/Source/FreeImage/PluginXPM.cpp?r1=1.18&r2=1.19