Date: Mon, 15 Feb 2016 10:44:58 +0100 From: Stefan Cornelius <scorneli@...hat.com> To: oss-security@...ts.openwall.com Cc: cve-assign@...re.org Subject: CVE request: foomatic-rip unhtmlify() buffer overflow vulnerability Hi, A buffer-overflow vulnerability was discovered in the unhtmlify() function of foomatic-rip. The function did not properly calculate buffer sizes, possibly leading to a heap-based memory corruption. A remote, unauthenticated attacker could exploit this flaw to cause foomatic-rip to crash or possibly execute arbitrary code. This is a rather old bug, which was fixed upstream a long time ago. Fixed in: rev 239 of the HEAD branch and rev 225 of the 4.0.x branch References: Upstream bug: https://bugs.linuxfoundation.org/show_bug.cgi?id=515 RH bug: https://bugzilla.redhat.com/show_bug.cgi?id=1218297 Thanks, -- Stefan Cornelius / Red Hat Product Security
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.