There is a heap-based buffer overflow in the pcxLoadRaster function of in_pcx.cpp in sam2p 0.49.4. A crafted input will lead to a denial of service or possibly unspecified other impact.Referenceshttps://github.com/pts/sam2p/issues/32https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891527https://lists.debian.org/debian-lts-announce/2018/04/msg00004.html
