libgc is vulnerable to integer overflows in multiple places. In some cases,
when asked to allocate a huge quantity of memory, instead of failing the
request, it will return a pointer to a small amount of memory possibly
tricking the application into a buffer overwrite.
For Debian 7 Wheezy, these problems have been fixed in version
1:7.1-9.1+deb7u1.
We recommend that you upgrade your libgc packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: <https://wiki.debian.org/LTS>