Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 21 Aug 2013 22:52:33 +0200
From: "Thijs Kinkhorst" <>
Subject: Re: CVE request: lcms 1.x buffer overflows

On Wed, August 21, 2013 22:20, Kurt Seifried wrote:
> Hash: SHA1
> On 08/05/2013 06:49 AM, Raphael Geissert wrote:
>> On 5 August 2013 07:25, Thijs Kinkhorst <> wrote:
>>> Buffer overflows have been reported in Little CMS 1.x:
>> Just a quick note: one of the affected parts of the code is a
>> sample and the other is the tiffdiff(1) tool, where the buffer
>> overflow is triggered by the file names passed as arguments.
>> Cheers,
> can you post the filenames/affected code? thanks.

You can find it in this patch:
linked from:


Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ