https://bugzilla.redhat.com/show_bug.cgi?id=1031749
--- Comment #6 from Vincent Danen <vda...@redhat.com> --- Common Vulnerabilities and Exposures assigned an identifier CVE-2013-6630 to the following vulnerability: Name: CVE-2013-6630 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6630 Assigned: 20131105 Reference: FULLDISC:20131112 bugs in IJG jpeg6b & libjpeg-turbo Reference: http://archives.neohapsis.com/archives/fulldisclosure/2013-11/0080.html Reference: http://git.chromium.org/gitweb/?p=chromium/deps/libjpeg_turbo.git;a=commit;h=32cab49bd4cb1ce069a435fd75f9439c34ddc6f8 Reference: http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html Reference: https://code.google.com/p/chromium/issues/detail?id=299835 The get_dht function in jdmarker.c in libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48 and other products, does not set all elements of a certain Huffman value array during the reading of segments that follow Define Huffman Table (DHT) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image. -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=QsgVAejnYY&a=cc_unsubscribe _______________________________________________ mingw mailing list mingw@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/mingw
