diff -u optipng-0.6.1.1/debian/changelog optipng-0.6.1.1/debian/changelog
--- optipng-0.6.1.1/debian/changelog
+++ optipng-0.6.1.1/debian/changelog
@@ -1,3 +1,10 @@
+optipng (0.6.1.1-2) stable; urgency=low
+
+  * Security upload
+    - Fix an array overflow vulnerability (CVE-2009-0749).
+
+ -- Nelson A. de Oliveira <naoliv@debian.org>  Tue, 10 Mar 2009 02:13:16 +0000
+
 optipng (0.6.1.1-1) unstable; urgency=high
 
   * New upstream release (kindly provided by Cosmin Truţa, fixing only
only in patch2:
unchanged:
--- optipng-0.6.1.1.orig/lib/pngxtern/gif/gifread.c
+++ optipng-0.6.1.1/lib/pngxtern/gif/gifread.c
@@ -219,8 +219,7 @@
  **/
 static void GIFReadNextExtension(struct GIFExtension *ext, FILE *stream)
 {
-    unsigned char *ptr;
-    unsigned int len;
+    unsigned int offset, len;
     int count, label;
 
     GIF_FGETC(label, stream);
@@ -233,7 +232,7 @@
         return;
     }
 
-    ptr = ext->Buffer;
+    offset = 0;
     len = ext->BufferSize;
     for ( ;; )
     {
@@ -243,10 +242,10 @@
             ext->BufferSize += 1024;
             ext->Buffer = realloc(ext->Buffer, ext->BufferSize);
         }
-        count = ReadDataBlock(ptr, stream);
+        count = ReadDataBlock(ext->Buffer + offset, stream);
         if (count == 0)
             break;
-        ptr += count;
+        offset += count;
         len -= count;
     }
 }