Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 3 Jul 2015 11:15:24 +0200
From: Stefan Cornelius <>
Subject: Re: CVE-2015-3258 CVE-2015-3279 cups-filters

On Fri, 26 Jun 2015 19:59:14 +0200
Stefan Cornelius <> wrote:
> Hi again,
> I think there's a possible problem with the patch that I failed to
> catch earlier in the process, so you may want to hold packaging for a
> bit until this is fully investigated.
> Sorry for the inconvenience.


Even with the patch for CVE-2015-3258 in version 1.0.70 it was possible
to trigger an integer overflow leading to a heap-based buffer overflow
using the same vector (specially crafted line sizes).

The integer overflow has been assigned CVE-2015-3279 and is fixed in
version 1.0.71. Apart from that, the patch also hardens against
possible crashes due to missing calloc() success checks.


Red Hat bug:

Stefan Cornelius / Red Hat Product Security

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ