Openwall Project   /home  Owl  JtR  Pro  crypt  pam_passwdqc  tcb  phpass  scanlogd  popa3d  msulogin  /  Linux  BIND  /  advisories  presentations  /  services  donations  /  wordlists  passwords  /  news  community  lists  wiki  CVSweb  mirrors  signatures
bringing security into open environments
 
Password Recovery Resources on the Net
[<prev] [next>] [month] [year] [list] 
Date: Sat, 25 Jul 2009 14:24:01 +0200
From: Robert Buchholz <rbu@...too.org>
To: oss-security@...ts.openwall.com
Cc: Andrea Barisani <lcars@...rt.org>,
 cve@...re.org
Subject: camlimages: Integer overflows in GIF and JPEG readers

Hello,

oCERT reported integer overflows in camlimages when reading PNG images 
earlier this month (oCERT-2009-009), CVE-2009-2295 was assigned.

Upstream has since incorporated the RedHat patch into their CVS:
http://camlcvs.inria.fr/cgi-bin/cvsweb.cgi/bazar-ocaml/camlimages/src/?sortby=date

They also fixed similar integer overflows in gifread.c and jpegread.c 
for values that are used in memory allocations and memcpy().
At least Debian used the existing CVE identifier only for the PNG 
vulnerabilities, so a new identifier might be needed.

A stripped down [by Alexis Ballier] version of the patch is in out BZ:
https://bugs.gentoo.org/show_bug.cgi?id=276235
https://bugs.gentoo.org/attachment.cgi?id=199108


Robert

[ CONTENT OF TYPE application/pgp-signature SKIPPED ]

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Hosted by DataForce ISP - Powered by Openwall GNU/*/Linux