|
Message-ID: <20170108084501.ncsnqkhyytpawpbh@eldamar.local> Date: Sun, 8 Jan 2017 09:45:01 +0100 From: Salvatore Bonaccorso <carnil@...ian.org> To: OSS Security Mailinglist <oss-security@...ts.openwall.com> Subject: CVE Request: icoutils: exploitable crash in wrestool programm Hi Choongwoo Han reported[0] an exploitable crash in wrestool from the icoutils[1]. The command line tools is e.g. used in KDE's metadataparsing, c.f. [2]. A patch is available in the Debian packaging[3]. Could you please assign a CVE for this issue? Regards, Salvatore [0] https://bugs.debian.org/850017 [1] http://www.nongnu.org/icoutils/ [2] https://codesearch.debian.net/search?q=wrestool&perpkg=1 [3] https://anonscm.debian.org/git/users/cjwatson/icoutils.git/plain/debian/patches/check-offset-overflow.patch
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.