Date: Mon, 15 Feb 2016 10:44:58 +0100 From: Stefan Cornelius <scorneli@...hat.com> To: oss-security@...ts.openwall.com Cc: cve-assign@...re.org Subject: CVE request: foomatic-rip unhtmlify() buffer overflow vulnerability Hi, A buffer-overflow vulnerability was discovered in the unhtmlify() function of foomatic-rip. The function did not properly calculate buffer sizes, possibly leading to a heap-based memory corruption. A remote, unauthenticated attacker could exploit this flaw to cause foomatic-rip to crash or possibly execute arbitrary code. This is a rather old bug, which was fixed upstream a long time ago. Fixed in: rev 239 of the HEAD branch and rev 225 of the 4.0.x branch References: Upstream bug: https://bugs.linuxfoundation.org/show_bug.cgi?id=515 RH bug: https://bugzilla.redhat.com/show_bug.cgi?id=1218297 Thanks, -- Stefan Cornelius / Red Hat Product Security
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ