Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAA7hUgECvO16r_FcbxRtZ90FUySQ+emQ_uwcLiyg7wktgcvbgA@mail.gmail.com>
Date: Mon, 5 Aug 2013 14:49:22 +0200
From: Raphael Geissert <geissert@...ian.org>
To: oss-security@...ts.openwall.com
Subject: Re: CVE request: lcms 1.x buffer overflows

On 5 August 2013 07:25, Thijs Kinkhorst <thijs@...ian.org> wrote:
> Buffer overflows have been reported in Little CMS 1.x:
> http://bugs.debian.org/718682

Just a quick note: one of the affected parts of the code is a sample
and the other is the tiffdiff(1) tool, where the buffer overflow is
triggered by the file names passed as arguments.

Cheers,
-- 
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.