https://bugzilla.redhat.com/show_bug.cgi?id=1291312
Bug ID: 1291312
Summary: CVE-2015-8540 libpng: underflow read in
png_check_keyword()
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-t...@redhat.com
Reporter: mpr...@redhat.com
CC: dr...@land.ru, erik-fed...@vanpienbroek.nl,
fedora-mi...@lists.fedoraproject.org,
kti...@redhat.com, lfar...@lfarkas.org,
p...@city-fan.org, phra...@redhat.com,
rdie...@math.unl.edu, rjo...@redhat.com
An underflow read was found in png_check_keyword in pngwutil.c in
libpng-1.2.54:
If the data of "key" is only ' ' (0x20), it will read a byte before the buffer
in line 1288.
This issue impacts upstream versions 1.2.55, 1.0.65, 1.4.18, and 1.5.25 of
libpng.
An attacker could possibly use this flaw to cause an out-of-bounds read by
tricking an unsuspecting user into processing a specially crafted PNG image.
CVE assignment:
http://seclists.org/oss-sec/2015/q4/469
Upstream issue:
http://sourceforge.net/p/libpng/bugs/244/
Upstream patch:
http://sourceforge.net/p/libpng/code/ci/d9006f683c641793252d92254a75ae9b815b42ed/
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug
https://bugzilla.redhat.com/token.cgi?t=qQrX6Dct1p&a=cc_unsubscribe
_______________________________________________
mingw mailing list
mingw@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/mingw@lists.fedoraproject.org
