Date: Wed, 26 Oct 2016 19:00:23 -0300
From: Gustavo Grieco <gustavo.grieco@...il.com>
To: oss-security@...ts.openwall.com
Subject: Re: Re: librsvg and cairo are causing libpng to write out-of-bounds

A patch was recently proposed:

https://bugs.freedesktop.org/attachment.cgi?id=127421

thanks to John Bowler and his detailed analysis of this issue:

https://bugs.freedesktop.org/show_bug.cgi?id=98165

Can we have a CVE, now that we know it was an integer overflow and we have a patch?

Regards,
Gustavo.

2016-10-06 21:02 GMT-03:00 John Bowler <john.cunningham.bowler@...il.com>:
> The bug is not specific to librsvg. This instance happens in
> write_png inside cairo-png.c, but the actual bug is elsewhere. Other
> exploits probably exist using things other than PNG and SVG. I think
> this needs to be CVE'ed immediately.
>
> --
> John Bowler <john.cunningham.bowler@...il.com>
> +1 (541) 450-9885
> PO BOX 3151
> KERBY OR 97531-3151
> USA
>