Control: tag -1 - security On Tue, 13 Oct 2015 17:39:02 +0200 Salvatore Bonaccorso <car...@debian.org> wrote: > Source: optipng > Version: 0.7.5-1 > Severity: important > Tags: security upstream > > Hi, > > the following vulnerability was published for optipng. > > CVE-2015-7802[0]: > Buffer overflow in global memory > > If you fix the vulnerability please also make sure to include the > CVE (Common Vulnerabilities & Exposures) id in your changelog entry. > > For further information see: > > [0] https://security-tracker.debian.org/tracker/CVE-2015-7802 > [1] https://bugzilla.redhat.com/show_bug.cgi?id=1265956 > [2] https://marc.info/?l=oss-security&m=144300993420279&w=2
This isn't even a security flaw, it's just crap code. LZWGetCode() will *always* read the 2 bytes before the static buffer the first time it's called with flag == 0. Ben. -- Ben Hutchings Anthony's Law of Force: Don't force it, get a larger hammer.
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Pkg-phototools-devel mailing list Pkg-phototools-devel@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-phototools-devel