Date: Mon, 5 Aug 2013 14:49:22 +0200 From: Raphael Geissert <geissert@...ian.org> To: oss-security@...ts.openwall.com Subject: Re: CVE request: lcms 1.x buffer overflows On 5 August 2013 07:25, Thijs Kinkhorst <thijs@...ian.org> wrote: > Buffer overflows have been reported in Little CMS 1.x: > http://bugs.debian.org/718682 Just a quick note: one of the affected parts of the code is a sample and the other is the tiffdiff(1) tool, where the buffer overflow is triggered by the file names passed as arguments. Cheers, -- Raphael Geissert - Debian Developer www.debian.org - get.debian.net
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.