Debian Security Advisory 1037-1: Andrea Barisani discovered that zgv, an svgalib graphics viewer, attempts to decode JPEG images within the CMYK/YCCK colour space incorrectly, which could lead to the execution of arbitrary code.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/45689/dsa-1037-1.txt
Source: https://packetstormsecurity.com/files/45689/Debian-Linux-Security-Advisory-1037-1.html