Date: Thu, 31 Dec 2015 16:35:49 -0500 From: Glenn Randers-Pehrson <glennrp@...il.com> To: cve-assign@...re.org Cc: oss-security@...ts.openwall.com, Brian Carpenter <brian.carpenter@...il.com> Subject: Re: CVE request: pngcrush-1.3.35 through 1.7.88 segfault when run with "-loco" option On Thu, Dec 31, 2015 at 3:33 PM, <cve-assign@...re.org> wrote: > > Our understanding is that pngcrush is a command-line program, and that > the bug is largely equivalent to a scenario in which the "-loco" > functionality had not been implemented. > There are web services that compress PNG files, using pngcrush as their compression engine. I haven't found any that allow users to specify the "-loco" option, though. > We probably would need a threat model in which the victim cannot > recover from the attack by simply avoiding all subsequent use of the > "-loco" option, e.g., a segfault that realistically could lead to code > execution. > OK, I'm withdrawing the request for a CVE number. Glenn
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.