Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 7 Apr 2016 23:00:03 -0700
From: Alan Coopersmith <alan.coopersmith@...cle.com>
To: wangmei@....cn
Cc: oss-security@...ts.openwall.com
Subject: Re: CVE-2016-3619 libtiff: Out-of-bounds Read in the
 bmp2tiff tool

On 04/ 7/16 12:32 AM, 王梅 wrote:
> Details
> =======
>
> Product: libtiff
> Affected Versions: <= 4.0.6
> Vulnerability Type: Out-of-bounds Read
> Vendor URL: http://www.libtiff.org/
> CVE ID: CVE-2016-3619
> Credit: Mei Wang of the Cloud Security Team, Qihoo 360

> References:
> [1] http://www.remotesensing.org/libtiff/
> [2] http://bugzilla.maptools.org/buglist.cgi?product=libtiff

Instead of pointing to a list of 305 bugs, please just provide a link to the bug
you filed for each issue so it's easier for distros to check the progress of the
fix.

-- 
	-Alan Coopersmith-              alan.coopersmith@...cle.com
	 Oracle Solaris Engineering - http://blogs.oracle.com/alanc

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ