Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sun, 8 Jan 2017 09:45:01 +0100
From: Salvatore Bonaccorso <carnil@...ian.org>
To: OSS Security Mailinglist <oss-security@...ts.openwall.com>
Subject: CVE Request: icoutils: exploitable crash in wrestool programm

Hi

Choongwoo Han reported[0] an exploitable crash in wrestool from the
icoutils[1]. The command line tools is e.g. used in KDE's
metadataparsing, c.f. [2]. A patch is available in the Debian
packaging[3].

Could you please assign a CVE for this issue?

Regards,
Salvatore

 [0] https://bugs.debian.org/850017
 [1] http://www.nongnu.org/icoutils/
 [2] https://codesearch.debian.net/search?q=wrestool&perpkg=1
 [3] https://anonscm.debian.org/git/users/cjwatson/icoutils.git/plain/debian/patches/check-offset-overflow.patch

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ