[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <1238615027.3309.7.camel@dhcp-lab-164.englab.brq.redhat.com>
Date: Wed, 01 Apr 2009 21:43:47 +0200
From: Jan Lieskovsky <jlieskov@...hat.com>
To: "Steven M. Christey" <coley@...us.mitre.org>
Cc: oss-security <oss-security@...ts.openwall.com>
Subject: CVE request -- ghostscript
Hello Steve,
could you please allocate new CVE ids for the following two
Ghostscript issues:
1, DoS (crash) in CCITTFax decoding filter
References:
https://bugzilla.redhat.com/show_bug.cgi?id=493442
https://bugzilla.redhat.com/show_bug.cgi?id=229174
-^ original report, so CVE-2007-XXXX will be needed
https://bugzilla.redhat.com/show_bug.cgi?id=493442#c1 (PoC)
2, Buffer overflow in BaseFont writer module for pdfwrite defice
References:
https://bugzilla.redhat.com/show_bug.cgi?id=493445
http://bugs.ghostscript.com/show_bug.cgi?id=690211
-^ upstream bug report, so CVE-2008-XXXX will be needed
http://svn.ghostscript.com/viewvc?view=rev&sortby=rev&revision=9304 (upstream patch)
Thanks, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Response Team
Powered by blists - more mailing lists
Please check out the
Open Source Software Security Wiki, which is counterpart to this
mailing list.
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
