Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 31 Jan 2017 12:58:41 +0800
From: chunibalon <chunibalon@...il.com>
To: oss-security@...ts.openwall.com
Cc: cve-assign@...re.com
Subject: CVE request: Out-of-Bound read and write issues in
 put1bitbwtile()(tiff-4.0.7/libtiff/tif-getimage.c:1352) and putgreytile()(tiff-4.0.7/libtiff/tif-getimage.c:1288)

Hi:

        These issues were discovered via libtiff 4.0.7, however after
upstream analysis they were found that they are in netpbm(10.47.63)
       The url of bug tracker:
        http://bugzilla.maptools.org/show_bug.cgi?id=2654
        http://bugzilla.maptools.org/show_bug.cgi?id=2655
        Then I mailed the maintainer of netpbm and he promised fix them in
the next Netpbm Super Stable release (the release series I tested) at the
end of March.
       Could you please assign CVE id's for those?
Best Regards,
chunibalon of VARAS@...

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ