Errata overview
Errata ID 509
Date 2018-09-12
Source package lcms2
Fixed in version 2.6-3+deb8u2
This update addresses the following issue:
* Little Color Management System (CMS) has an integer overflow in the
  AllocateDataSet function leading to a heap-based buffer overflow in the
  SetData function via a crafted file in the second argument to
  cmsIT8LoadFromFile. (CVE-2018-16435)
Additional notes
CVE ID CVE-2018-16435
UCS Bug number #47773