Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 1 Jan 2017 19:20:54 -0500
From: Leo Famulari <leo@...ulari.name>
To: oss-security@...ts.openwall.com
Subject: Re: libtiff: multiple divide-by-zero

On Sun, Jan 01, 2017 at 04:46:12PM +0100, Agostino Sarubbo wrote:
> Description:
> Libtiff is a software that provides support for the Tag Image File Format 
> (TIFF), a widely used format for storing image data.
> 
> Some crafted images, through a fuzzing revealed multiple division by zero. 
> Since the number of the issues, I will post the relevant part of the 
> stacktrace.
> 
> Affected version / Tested on:
> 4.0.7
> Fixed version:
> N/A
> Commit fix:
> https://github.com/vadz/libtiff/commit/438274f938e046d33cb0e1230b41da32ffe223e1

Do you know if this repository has any relationship to the libtiff project?

It describes itself like this:

"Unofficial mirror of libtiff cvs repository at cvs.maptools.org created
and updated using "git cvsimport"?

Download attachment "signature.asc" of type "application/pgp-signature" (834 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ