Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sun, 24 Jan 2016 16:37:37 +0100
From: Salvatore Bonaccorso <>
To: OSS Security Mailinglist <>
Subject: CVE Request: tiff: Out-of-bounds write for invalid images using LogL


Could you assign a CVE for the following issue in tiff:

> 2015-12-27  Even Rouault <even.rouault at>
>         * libtiff/tif_luv.c: fix potential out-of-bound writes in decode
>         functions in non debug builds by replacing assert()s by regular if
>         checks (bugzilla #2522).
>         Fix potential out-of-bound reads in case of short input data.

Fixing commit:


Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ