Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Mon, 27 Feb 2017 11:52:36 +0100
From: Agostino Sarubbo <ago@...too.org>
To: oss-security@...ts.openwall.com
Subject: Re: potrace: invalid memory access in findnext (decompose.c)

On Saturday 08 October 2016 22:29:54 Agostino Sarubbo wrote:
> Permalink:
> https://blogs.gentoo.org/ago/2016/08/29/potrace-invalid-memory-access-in-fin
> dnext-decompose-c/

I'd like to notify that upstream released a patch here:
http://potrace.sourceforge.net/patches/potrace-1.13-CVE-2016-8685.patch

and it is fixed in the 1.14 release

-- 
Agostino Sarubbo
Gentoo Linux Developer

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ