Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 26 Oct 2016 19:00:23 -0300
From: Gustavo Grieco <gustavo.grieco@...il.com>
To: oss-security@...ts.openwall.com
Subject: Re: Re: librsvg and cairo are causing libpng to write out-of-bounds

A patch was recently proposed:

https://bugs.freedesktop.org/attachment.cgi?id=127421

thanks to John Bowler and his detailed analysis of this issue:

https://bugs.freedesktop.org/show_bug.cgi?id=98165

Can we have a CVE, now that we know it was an integer overflow and we have
a patch?

Regards,
Gustavo.


2016-10-06 21:02 GMT-03:00 John Bowler <john.cunningham.bowler@...il.com>:

> The bug is not specific to librsvg.  This instance happens in
> write_png inside cairo-png.c, but the actual bug is elsewhere.  Other
> exploits probably exist using things other than PNG and SVG.  I think
> this needs to be CVE'ed immediately.
>
> --
> John Bowler <john.cunningham.bowler@...il.com>
> +1 (541) 450-9885
> PO BOX 3151
> KERBY OR 97531-3151
> USA
>

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ