Date: Thu, 12 Nov 2015 13:26:27 -0500 From: Glenn Randers-Pehrson <glennrp@...il.com> To: oss-security@...ts.openwall.com Subject: CVE request: libpng buffer overflow in png_set_PLTE I request a CVE for a vulnerability in libpng, all versions, in the png_set_PLTE/png_get_PLTE functions. These functions failed to check for an out-of-range palette when reading or writing PNG files with a bit_depth less than 8. Some applications might read the bit depth from the IHDR chunk and allocate memory for a 2^N entry palette, while libpng can return a palette with up to 256 entries even when the bit depth is less than 8. libpng versions 1.6.19, 1.5.24, 1.4.17, 1.2.54, and 1.0.64 were released today (12 November 2015) to fix this vulnerability. See libpng.sourceforge.net regards, Glenn Randers-Pehrson libpng custodian
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ