Date: Thu, 2 Feb 2017 00:49:41 -0500
From: <cve-assign@...re.org>
To: <chunibalon@...il.com>
CC: <cve-assign@...re.org>, <oss-security@...ts.openwall.com>
Subject: Re: CVE request: Out-of-Bound read and write issues in put1bitbwtile()(tiff-4.0.7/libtiff/tif-getimage.c:1352) and putgreytile()(tiff-4.0.7/libtiff/tif-getimage.c:1288)


> they are in netpbm(10.47.63)

> http://bugzilla.maptools.org/show_bug.cgi?id=2654
> http://bugzilla.maptools.org/show_bug.cgi?id=2655

> netpbm calls TIFFRGBAImageGet with width and
> height parameters switched because it looks at the TIFF orientation tag and
> thinks that TIFFRGBAImageGet will do a transposition
> 
> assumption is violated here when switching width and height as the width passed
> to TIFFRGBAImageGet becomes 32800 which is greater than the original width of
> 32

Use CVE-2017-5849 for both 2654 and 2655.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
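An added example, not code from netpbm or libtiff: a simplified model of the width/height swap the quoted report describes, with a caller-side check that refuses a requested width larger than the image's real width. All names (`struct image`, `caller_dims`, `checked_get`, `run_case`) are hypothetical, and the 32 x 32800 image with orientation 5 is constructed from the two widths quoted above.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Simplified model (assumption, not libtiff's types): an image and its true size. */
struct image {
    uint32_t width, height;
    uint8_t orientation;      /* TIFF Orientation tag value, 1..8 */
    const uint8_t *pixels;    /* width * height bytes, one byte per pixel */
};

/* Orientation values 5..8 describe an image whose rows and columns are exchanged. */
static int is_transposed(uint8_t orientation) { return orientation >= 5 && orientation <= 8; }

/* The caller's choice as described in the report: swap w and h for transposed tags. */
static void caller_dims(const struct image *img, uint32_t *w, uint32_t *h) {
    if (is_transposed(img->orientation)) { *w = img->height; *h = img->width; }
    else                                 { *w = img->width;  *h = img->height; }
}

/* Row copier that relies on w <= width and h <= height; the guard enforces that. */
static int checked_get(const struct image *img, uint8_t *raster, uint32_t w, uint32_t h) {
    if (w == 0 || h == 0 || w > img->width || h > img->height) return -1;
    for (uint32_t row = 0; row < h; row++)
        memcpy(raster + (size_t)row * w, img->pixels + (size_t)row * img->width, w);
    return 0;
}

/* Constructed sample: a 32 x 32800 image; returns 0 if read, -1 if rejected. */
static int run_case(uint8_t orientation) {
    struct image img = { 32, 32800, orientation, NULL };
    size_t n = (size_t)img.width * img.height;
    uint8_t *src = calloc(n, 1), *dst = calloc(n, 1);
    uint32_t w, h;
    int rc = -2;                              /* -2 means allocation failure */
    if (src && dst) {
        img.pixels = src;
        caller_dims(&img, &w, &h);            /* orientation 5 gives w = 32800, h = 32 */
        rc = checked_get(&img, dst, w, h);
    }
    free(src); free(dst);
    return rc;
}

int main(void) {
    printf("orientation 1: %d\n", run_case(1));
    printf("orientation 5: %d\n", run_case(5));
    return 0;
}
```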
