Date: Wed, 30 Mar 2016 15:04:06 +0530 From: Huzaifa Sidhpurwala <huzaifas@...hat.com> To: oss-security@...ts.openwall.com Subject: Two flaws - libjpeg and libtiff Hi All, We have made two security flaws public today. They were privately reported to us by Aladdin Mubaied. Details as follows: 1. null pointer dereference in libjpeg library in cjpeg This is a flaw in the cjpeg utility available with the libjpeg library, details available at: https://bugzilla.redhat.com/show_bug.cgi?id=1318509 2. buffer-overflow in gif2tiff utility: This is bundled with libtiff, details available at: https://bugzilla.redhat.com/show_bug.cgi?id=1319503 -- Huzaifa Sidhpurwala / Red Hat Product Security Team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.