Date: Sat, 7 Feb 2015 12:13:13 -0500 (EST)
From: cve-assign@...re.org
To: Michal Zalewski <lcamtuf@...edump.cx>
cc: oss-security <oss-security@...ts.openwall.com>
Subject: Re: Multiple vulnerabilities in LibTIFF and associated tools

> http://lcamtuf.coredump.cx/afl/vulns/libtiff-cvs-1.tif
>
> - uninitialized memory in putcontig8bitYCbCr21tile
> Fixed in:
>
> 2014-12-29 Even Rouault <even.rouault@...tialys.com>
>
> * libtiff/tif_getimage.c: in OJPEG case, fix checks on strile width/height
> in the putcontig8bitYCbCr42tile, putcontig8bitYCbCr41tile and
> putcontig8bitYCbCr21tile cases.
>
> I don't think this had a CVE number assigned yet.
>
> http://lcamtuf.coredump.cx/afl/vulns/libtiff-cvs-2.tif
>
> - uninitialized memory in NeXTDecode
> Fixed in:
>
> 2014-12-29 Even Rouault <even.rouault@...tialys.com>
>
> * libtiff/tif_next.c: add new tests to check that we don't read outside of
> the compressed input stream buffer.
>
> I don't think this had a CVE number assigned yet.

Use CVE-2014-9655 for these two issues related to access of
uninitialized memory, as demonstrated by libtiff-cvs-1.tif and
libtiff-cvs-2.tif.

> http://lcamtuf.coredump.cx/afl/vulns/libtiff5.tif
>
> - another use of uninitialized memory in NeXTDecode after fixing the
> previous case.
> I don't think this had a CVE number assigned yet.

Use CVE-2015-1547 for this issue.

---
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]