Date: Sun, 23 Apr 2017 12:52:16 +0200 From: Agostino Sarubbo <ago@...too.org> To: oss-security@...ts.openwall.com Subject: imageworsener: multiple vulnerabilities There are some other vulnerabilities discovered by 'bestshow' and fixed in imageworsener: CVE-2017-7452 NULL pointer dereference in iwbmp_read_info_header https://github.com/jsummers/imageworsener/issues/8 CVE-2017-7453 NULL pointer dereference in iwgif_record_pixel https://github.com/jsummers/imageworsener/issues/9 CVE-2017-7454 heap-buffer-overflow in iwgif_record_pixel https://github.com/jsummers/imageworsener/issues/11 CVE-2017-7623 heap-buffer-overflow in iwmiffr_convert_row32 https://github.com/jsummers/imageworsener/issues/12 CVE-2017-7624 memory leak in imagew-cmd https://github.com/jsummers/imageworsener/issues/10 CVE-2017-7939 stack buffer overflow in read_next_pam_token https://github.com/jsummers/imageworsener/issues/13 CVE-2017-7940 memory leak in imagew-cmd https://github.com/jsummers/imageworsener/issues/18 -- Agostino Sarubbo Gentoo Linux Developer
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.