Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 31 Jan 2017 12:58:41 +0800
From: chunibalon <>
Subject: CVE request: Out-of-Bound read and write issues in
 put1bitbwtile()(tiff-4.0.7/libtiff/tif-getimage.c:1352) and putgreytile()(tiff-4.0.7/libtiff/tif-getimage.c:1288)


        These issues were discovered via libtiff 4.0.7, however after
upstream analysis they were found that they are in netpbm(10.47.63)
       The url of bug tracker:
        Then I mailed the maintainer of netpbm and he promised fix them in
the next Netpbm Super Stable release (the release series I tested) at the
end of March.
       Could you please assign CVE id's for those?
Best Regards,
chunibalon of VARAS@...

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ