[<prev] [next>] [day] [month] [year] [list]
Message-ID: <6637563.hSMPS8suxu@arcadia>
Date: Sun, 23 Apr 2017 12:52:16 +0200
From: Agostino Sarubbo <ago@...too.org>
To: oss-security@...ts.openwall.com
Subject: imageworsener: multiple vulnerabilities
There are some other vulnerabilities discovered by 'bestshow' and fixed in
imageworsener:
CVE-2017-7452
NULL pointer dereference in iwbmp_read_info_header
https://github.com/jsummers/imageworsener/issues/8
CVE-2017-7453
NULL pointer dereference in iwgif_record_pixel
https://github.com/jsummers/imageworsener/issues/9
CVE-2017-7454
heap-buffer-overflow in iwgif_record_pixel
https://github.com/jsummers/imageworsener/issues/11
CVE-2017-7623
heap-buffer-overflow in iwmiffr_convert_row32
https://github.com/jsummers/imageworsener/issues/12
CVE-2017-7624
memory leak in imagew-cmd
https://github.com/jsummers/imageworsener/issues/10
CVE-2017-7939
stack buffer overflow in read_next_pam_token
https://github.com/jsummers/imageworsener/issues/13
CVE-2017-7940
memory leak in imagew-cmd
https://github.com/jsummers/imageworsener/issues/18
--
Agostino Sarubbo
Gentoo Linux Developer
Powered by blists - more mailing lists
Please check out the
Open Source Software Security Wiki, which is counterpart to this
mailing list.
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
