[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] CVE request: optipng security release
From: Robert Buchholz <rbu () gentoo ! org>
Date: 2009-02-25 16:19:26
Message-ID: 200902251719.29845.rbu () gentoo ! org
[Download RAW message or body]
On Tuesday 24 February 2009, Marcus Meissner wrote:
> Hi,
>
> According to http://optipng.sourceforge.net/
>
> optipng released OptiPNG 0.6.2 fixing
> "All current OptiPNG versions are known to be vulnerable to memory
> reallocation attacks, due to a bug in the GIF image reader.
Note that this is not fixed in 0.6.2, but there is a patch to apply on=20
top of 0.6.2.
0.6.2 was the release fixing CVE-2008-5101 (bmp issue).
Robert
["signature.asc" (application/pgp-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic