|
Message-Id: <200907251424.07073.rbu@gentoo.org>
Date: Sat, 25 Jul 2009 14:24:01 +0200
From: Robert Buchholz <rbu@...too.org>
To: oss-security@...ts.openwall.com
Cc: Andrea Barisani <lcars@...rt.org>,
cve@...re.org
Subject: camlimages: Integer overflows in GIF and JPEG readers
Hello,
oCERT reported integer overflows in camlimages when reading PNG images
earlier this month (oCERT-2009-009), CVE-2009-2295 was assigned.
Upstream has since incorporated the RedHat patch into their CVS:
http://camlcvs.inria.fr/cgi-bin/cvsweb.cgi/bazar-ocaml/camlimages/src/?sortby=date
They also fixed similar integer overflows in gifread.c and jpegread.c
for values that are used in memory allocations and memcpy().
At least Debian used the existing CVE identifier only for the PNG
vulnerabilities, so a new identifier might be needed.
A stripped down [by Alexis Ballier] version of the patch is in out BZ:
https://bugs.gentoo.org/show_bug.cgi?id=276235
https://bugs.gentoo.org/attachment.cgi?id=199108
Robert
Download attachment "signature.asc " of type "application/pgp-signature" (837 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.