Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 22 Mar 2011 14:29:22 +0100
From: Ludwig Nussel <>
Cc: "Steven M. Christey" <>
Subject: CVE Request: libpng memory leak


libpng has this in it's changelog╣:
version 1.2.39beta05 [August 1, 2009]
  Reject attempt to write iCCP chunk with negative embedded profile length
    (JD Chen)

As it turned out this fixes a DoS (memory consumption on x86_64 and
a segfault on i386) if e.g. GraphicsMagick is used to convert certain
jpeg files to png.
The bug was introduced in 1.2.13beta1:;a=commitdiff;h=0ff85c6923d2c4fca4ac0bad28e387e3b1777d7a#patch19
Then an incomplete attempt to fix it in 1.2.15beta3, due to;a=commitdiff;h=948ee23a2a400672b1751cfc646a7467741e9b2e#patch18
And finally fixed in 1.2.39beta5:;a=commitdiff;h=9e88fcd58c8ce7f2183bc2045e5180cba0043f09#patch19

The Gentoo bug is from 2006 and the final fix from 2009 so this needs either a
2006 or 2009 id I guess.



 (o_   Ludwig Nussel
SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ