Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 31 Dec 2015 16:35:49 -0500
From: Glenn Randers-Pehrson <glennrp@...il.com>
To: cve-assign@...re.org
Cc: oss-security@...ts.openwall.com, 
	Brian Carpenter <brian.carpenter@...il.com>
Subject: Re: CVE request: pngcrush-1.3.35 through 1.7.88 segfault when run
 with "-loco" option

On Thu, Dec 31, 2015 at 3:33 PM, <cve-assign@...re.org> wrote:

>
> Our understanding is that pngcrush is a command-line program, and that
> the bug is largely equivalent to a scenario in which the "-loco"
> functionality had not been implemented.
>

There are web services that compress PNG files, using pngcrush
as their compression engine.  I haven't found any that allow users
to specify the "-loco" option, though.


> We probably would need a threat model in which the victim cannot
> recover from the attack by simply avoiding all subsequent use of the
> "-loco" option, e.g., a segfault that realistically could lead to code
> execution.
>

OK, I'm withdrawing the request for a CVE number.

Glenn

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ