Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Tue, 08 Apr 2014 18:37:34 +0530
From: Huzaifa Sidhpurwala <huzaifas@...hat.com>
To: oss-security@...ts.openwall.com
Subject: jbigkit security flaw

Hi All,

Florian Weimer of Red Hat Product Security Team found a stack-based
buffer overflow flaw in the libjbig library (part of jbigkit).  A
specially-crafted image file read by libjbig could be used to cause a
program linked to libjbig to crash or, potentially, to execute
arbitrary code.

This issue has been assigned CVE-2013-6369.

References:

https://bugzilla.redhat.com/show_bug.cgi?id=1032273
https://www.cl.cam.ac.uk/~mgk25/jbigkit/CHANGES



-- 
Huzaifa Sidhpurwala / Red Hat Security Response Team

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.