Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20170102002054.GA21309@jasmine>
Date: Sun, 1 Jan 2017 19:20:54 -0500
From: Leo Famulari <leo@...ulari.name>
To: oss-security@...ts.openwall.com
Subject: Re: libtiff: multiple divide-by-zero

On Sun, Jan 01, 2017 at 04:46:12PM +0100, Agostino Sarubbo wrote:
> Description:
> Libtiff is a software that provides support for the Tag Image File Format 
> (TIFF), a widely used format for storing image data.
> 
> Some crafted images, through a fuzzing revealed multiple division by zero. 
> Since the number of the issues, I will post the relevant part of the 
> stacktrace.
> 
> Affected version / Tested on:
> 4.0.7
> Fixed version:
> N/A
> Commit fix:
> https://github.com/vadz/libtiff/commit/438274f938e046d33cb0e1230b41da32ffe223e1

Do you know if this repository has any relationship to the libtiff project?

It describes itself like this:

"Unofficial mirror of libtiff cvs repository at cvs.maptools.org created
and updated using "git cvsimport"?

Download attachment "signature.asc" of type "application/pgp-signature" (834 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.