Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 2 Feb 2017 01:02:48 -0500
From: <cve-assign@...re.org>
To: <ago@...too.org>
CC: <cve-assign@...re.org>, <oss-security@...ts.openwall.com>
Subject: Re: podofo: infinite loop in PoDoFo::PdfPage::GetInheritedKeyFromObject (PdfPage.cpp)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> https://blogs.gentoo.org/ago/2017/02/01/podofo-infinite-loop-in-podofopdfpagegetinheritedkeyfromobject-pdfpage-cpp
> AddressSanitizer: stack-overflow
> podofo-0.9.4/src/base/PdfVariant.cpp:151:20

Use CVE-2017-5852.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJYkscVAAoJEHb/MwWLVhi2hy4P/1YzMOcoVFBE7j0E1WraZt9p
WZmGqpJMH/5IPc+cFMn/wGnMPssMn3G+mMOp9u1/f6+dqhSaShM7kBE2U3tYuLsX
trcvaH3cxQy39uAxje2JUZ32de4s4fYoAJnydN4fCDLVtLK7DgRRwmB0LN8xbB9r
D8eC16ISD2WBbqWshkW+w8cjIqZ6B+hOl4Z7iJDgYvm5YF/oXt3h8p8pjnnvlbd+
BGKbukI59xcqamyxQmftO+14BcrjJBGgOHN8V8Xu8uf7JppS50FS4IAYk5ikV4eZ
WEDuZNIey9vuxIAFY29yPc4ZfQYu7ngCGeSgXSAqKLYyUlcrTnLBDRxxuCyhd65V
ul03poDIG/6kAF7zjFA6sKSVNhpRPOoRNTTqvrEXSKZK7GxqYNlHXQM/gtXjF2rY
ZpWaXeaGBnHKOOxCWjdErZfriIB91Cd2UBiSSUw1kmF46uthFcuhUhQCVhSA2MVa
jX9LkI6gKrdAZjDu8IND9sDHxZiiUtL/QX4zeIh80ZtDVD7HfDp+ukZRKRz3d1Me
rdHOcQWkEGiZFwi4ErJ3LBr2oSag1DDR89jgCo3euu4LqCZ9ighv1WQkc8sGVnO1
qsboBNp+eXYf9aCzMl/tNA5qp6qmefowOCFxqE1476QP6PRuDG10F/XisQRjeGJq
hzk+CuS03nK65fnN+Vu8
=2dWy
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.