Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Sun, 23 Apr 2017 12:52:16 +0200
From: Agostino Sarubbo <ago@...too.org>
To: oss-security@...ts.openwall.com
Subject: imageworsener: multiple vulnerabilities

There are some other vulnerabilities discovered by 'bestshow' and fixed in 
imageworsener:

CVE-2017-7452
NULL pointer dereference in iwbmp_read_info_header
https://github.com/jsummers/imageworsener/issues/8


CVE-2017-7453
NULL pointer dereference in iwgif_record_pixel
https://github.com/jsummers/imageworsener/issues/9


CVE-2017-7454
heap-buffer-overflow in iwgif_record_pixel
https://github.com/jsummers/imageworsener/issues/11


CVE-2017-7623
heap-buffer-overflow in iwmiffr_convert_row32
https://github.com/jsummers/imageworsener/issues/12


CVE-2017-7624
memory leak in imagew-cmd
https://github.com/jsummers/imageworsener/issues/10


CVE-2017-7939
stack buffer overflow in read_next_pam_token
https://github.com/jsummers/imageworsener/issues/13


CVE-2017-7940
memory leak in imagew-cmd
https://github.com/jsummers/imageworsener/issues/18

-- 
Agostino Sarubbo
Gentoo Linux Developer

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.