Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Mon, 15 Feb 2016 10:44:58 +0100
From: Stefan Cornelius <scorneli@...hat.com>
To: oss-security@...ts.openwall.com
Cc: cve-assign@...re.org
Subject: CVE request: foomatic-rip unhtmlify() buffer overflow vulnerability

Hi,

A buffer-overflow vulnerability was discovered in the unhtmlify()
function of foomatic-rip. The function did not properly calculate
buffer sizes, possibly leading to a heap-based memory corruption. A
remote, unauthenticated attacker could exploit this flaw to cause
foomatic-rip to crash or possibly execute arbitrary code.

This is a rather old bug, which was fixed upstream a long time ago.

Fixed in:
rev 239 of the HEAD branch and rev 225 of the 4.0.x branch

References:

Upstream bug:
https://bugs.linuxfoundation.org/show_bug.cgi?id=515

RH bug:
https://bugzilla.redhat.com/show_bug.cgi?id=1218297

Thanks,
-- 
Stefan Cornelius / Red Hat Product Security

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ