Date: Wed, 26 Oct 2016 19:00:23 -0300 From: Gustavo Grieco <gustavo.grieco@...il.com> To: oss-security@...ts.openwall.com Subject: Re: Re: librsvg and cairo are causing libpng to write out-of-bounds A patch was recently proposed: https://bugs.freedesktop.org/attachment.cgi?id=127421 thanks to John Bowler and his detailed analysis of this issue: https://bugs.freedesktop.org/show_bug.cgi?id=98165 Can we have a CVE, now that we know it was an integer overflow and we have a patch? Regards, Gustavo. 2016-10-06 21:02 GMT-03:00 John Bowler <john.cunningham.bowler@...il.com>: > The bug is not specific to librsvg. This instance happens in > write_png inside cairo-png.c, but the actual bug is elsewhere. Other > exploits probably exist using things other than PNG and SVG. I think > this needs to be CVE'ed immediately. > > -- > John Bowler <john.cunningham.bowler@...il.com> > +1 (541) 450-9885 > PO BOX 3151 > KERBY OR 97531-3151 > USA >
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.