Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Wed, 30 Mar 2016 15:04:06 +0530
From: Huzaifa Sidhpurwala <huzaifas@...hat.com>
To: oss-security@...ts.openwall.com
Subject: Two flaws - libjpeg and libtiff

Hi All,

We have made two security flaws public today. They were privately
reported to us by  Aladdin Mubaied. Details as follows:

1. null pointer dereference in libjpeg library in cjpeg
This is a flaw in the cjpeg utility available with the libjpeg library,
details available at:
https://bugzilla.redhat.com/show_bug.cgi?id=1318509

2. buffer-overflow in gif2tiff utility:
This is bundled with libtiff, details available at:
https://bugzilla.redhat.com/show_bug.cgi?id=1319503


-- 
Huzaifa Sidhpurwala / Red Hat Product Security Team

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ