Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <trinity-05553c71-f016-46b0-90e9-bc7adeb72553-1440024619340@3capp-mailcom-lxa05>
Date: Thu, 20 Aug 2015 00:50:19 +0200
From: "Pengsu Cheng" <pcheng@....com>
To: oss-security@...ts.openwall.com
Subject: CVE request: libgpf: use-after-free vulnerability in Decoder.cpp

Name : libpgf
Affected Version: <= 7.15.25
URL : http://www.libpgf.org
Summary : PGF (Progressive Graphics File) library
Description :
libPGF contains an implementation of the Progressive Graphics File (PGF)
which is a new image file format, that is based on a discrete, fast
wavelet transform with progressive coding features. PGF can be used
for lossless and lossy compression.

An use-after-free issue in Decoder.cpp was reported to upstream. The problem is due to lack of validation of ColorTableSize. 

The bug was fixed by upstream:
https://sourceforge.net/p/libpgf/code/147/
https://sourceforge.net/p/libpgf/code/148/

References:

[1] Bug #1251749 - Use-after-free bug in Decoder.cpp
https://bugzilla.redhat.com/show_bug.cgi?id=1251749
[2] https://admin.fedoraproject.org/updates/FEDORA-2015-13336/libpgf-6.14.12-4.fc23

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.