Ubuntu 17.10 (Artful Aardvark) has reached end of life, so this bug will
not be fixed for that specific release.
** Changed in: lcms2 (Ubuntu Artful)
Status: Confirmed => Won't Fix
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1679989
Title:
CVE-2016-10165: heap OOB read parsing crafted ICC profile
Status in lcms2 package in Ubuntu:
Confirmed
Status in lcms2 source package in Precise:
Won't Fix
Status in lcms2 source package in Trusty:
Confirmed
Status in lcms2 source package in Xenial:
Confirmed
Status in lcms2 source package in Zesty:
Confirmed
Status in lcms2 source package in Artful:
Won't Fix
Status in lcms2 package in Debian:
Fix Released
Bug description:
The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2)
allows remote attackers to obtain sensitive information or cause a
denial of service via an image with a crafted ICC profile, which
triggers an out-of-bounds heap read.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lcms2/+bug/1679989/+subscriptions
_______________________________________________
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : [email protected]
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help : https://help.launchpad.net/ListHelp
