Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 24 Feb 2016 10:26:40 -0800
From: Alan Coopersmith <alan.coopersmith@...cle.com>
To: oss-security@...ts.openwall.com
CC: "X.Org Security Team" <xorg-security@...ts.x.org>
Subject: Re: [Pixman] create_bits(): Cast the result of height
 * stride to size_t

On 02/24/16 04:10 AM, Gustavo Grieco wrote:
>   Hi,
>
> There is an (old) integer overflow in create_bits in the pixman library.
> Patch and details are available here:
>
> https://web.archive.org/web/20141227044037/http://lists.freedesktop.org/archives/pixman/2014-April/003244.html

The quoted patch was applied to the master branch of the pixman git repo as:

https://cgit.freedesktop.org/pixman/commit/?id=857e40f3d2bc2cfb714913e0cd7e6184cf69aca3

and to the pixman-0.32 branch as:

https://cgit.freedesktop.org/pixman/commit/?id=50d7b5fa8ea2ae119f35c20ab0dd0413d5103cbb

It is included in pixman 0.32.6 and later releases.

-- 
	-Alan Coopersmith-              alan.coopersmith@...cle.com
	 Oracle Solaris Engineering - http://blogs.oracle.com/alanc

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ