Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 13 Sep 2016 18:55:08 +0200
From: Hanno Böck <>
To: "" <>
Subject: Re: Heapoverflow in giflib5.1.4


On Tue, 13 Sep 2016 23:20:08 +0800
"" <> wrote:

> With Address Sanitizer there is aa heap overflow in giflib 5.1.4
> More details are available at:

Two notes:
* This is a bug *only* in the gif2rgb command line tool, not in giflib
* I reported this before. The giflib maintainer claimed multiple times
  that he has fixed it, yet he hasn't. See:

Hanno Böck

GPG: FE73757FA60E4E21B937579FA5880072BBB51E42

Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ