Please do not reply directly to this email. All additional comments should be made in the comments box of this bug.
https://bugzilla.redhat.com/show_bug.cgi?id=608644 Glenn Randers-Pehrson <glennrp+...@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |glennrp+...@gmail.com --- Comment #3 from Glenn Randers-Pehrson <glennrp+...@gmail.com> 2010-06-28 12:11:22 EDT --- A defense for applications that don't need or want the sCAL chunk is to use the png_set_keep_unknown_chunks() mechanism to ignore it. See Mozilla's libpr0n/decoders/png or ImageMagick and GraphicsMagick's coders/png.c, and pngcrush for examples of this. It's a good idea for applications to do this because it reduces resources consumed in reading a PNG, and it reduces their attack surface by making the application invulnerable to future vulnerabilities in known but unused chunks such as sCAL. -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug. _______________________________________________ mingw mailing list mingw@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/mingw
