https://bugzilla.redhat.com/show_bug.cgi?id=1031734



--- Comment #7 from Vincent Danen <vda...@redhat.com> ---
Common Vulnerabilities and Exposures assigned an identifier CVE-2013-6629 to
the following vulnerability:

Name: CVE-2013-6629
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6629
Assigned: 20131105
Reference: FULLDISC:20131112 bugs in IJG jpeg6b & libjpeg-turbo
Reference: http://archives.neohapsis.com/archives/fulldisclosure/2013-11/0080.html
Reference: http://bugs.ghostscript.com/show_bug.cgi?id=686980
Reference: http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html
Reference: https://code.google.com/p/chromium/issues/detail?id=258723
Reference: https://src.chromium.org/viewvc/chrome?revision=229729&view=revision

The get_sos function in jdmarker.c in (1) libjpeg 6b and (2)
libjpeg-turbo through 1.3.0, as used in Google Chrome before
31.0.1650.48, Ghostscript, and other products, does not check for
certain duplications of component data during the reading of segments
that follow Start Of Scan (SOS) JPEG markers, which allows remote
attackers to obtain sensitive information from uninitialized memory
locations via a crafted JPEG image.

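Added example, not part of the original Bugzilla comment and not code from libjpeg or libjpeg-turbo: a triage scanner that walks JPEG marker segments and reports every SOS header that lists the same component selector more than once. It assumes the "duplications of component data" in the description appear as repeated selectors in the scan header; the function names and the sample bytes are constructed for illustration.

```python
import struct

# Markers that carry no length field: TEM, SOI, EOI and RST0-RST7.
STANDALONE = {0x01, 0xD8, 0xD9} | set(range(0xD0, 0xD8))

def duplicate_scan_components(data: bytes):
    """Return [(sos_offset, selectors)] for each SOS header repeating a selector."""
    findings, i, n = [], 0, len(data)
    while i + 1 < n:
        if data[i] != 0xFF:            # entropy-coded byte: resync on next 0xFF
            i += 1
            continue
        marker = data[i + 1]
        if marker == 0xFF:             # fill byte before a marker
            i += 1
            continue
        if marker == 0x00 or marker in STANDALONE:  # stuffed 0xFF or bare marker
            i += 2
            continue
        if i + 4 > n:
            break
        (seglen,) = struct.unpack(">H", data[i + 2:i + 4])
        if seglen < 2 or i + 2 + seglen > n:
            break                      # truncated or malformed segment
        if marker == 0xDA:             # SOS: Ns, then Ns x (selector, tables)
            body = data[i + 4:i + 2 + seglen]
            ns = body[0] if body else 0
            if len(body) >= 1 + 2 * ns:
                selectors = [body[1 + 2 * k] for k in range(ns)]
                if len(set(selectors)) != len(selectors):
                    findings.append((i, selectors))
        i += 2 + seglen
    return findings

def segment(marker: int, payload: bytes) -> bytes:
    return b"\xff" + bytes([marker]) + struct.pack(">H", len(payload) + 2) + payload

def constructed_jpeg(selectors) -> bytes:
    """Constructed sample (not a decodable image): SOI, SOF0, one SOS, EOI."""
    sof = segment(0xC0, bytes([8, 0, 1, 0, 1, 3, 1, 0x11, 0, 2, 0x11, 0, 3, 0x11, 0]))
    scan = bytes([len(selectors)]) + b"".join(bytes([s, 0]) for s in selectors)
    sos = segment(0xDA, scan + bytes([0, 63, 0]))
    return b"\xff\xd8" + sof + sos + b"\x12\xff\x00\x34" + b"\xff\xd9"

if __name__ == "__main__":
    print(duplicate_scan_components(constructed_jpeg([1, 1, 2])))
    print(duplicate_scan_components(constructed_jpeg([1, 2, 3])))
```

A hit marks a file for closer inspection only; whether a given decoder build mishandles it depends on the libjpeg or libjpeg-turbo version it links against.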