[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    [oss-security] camlimages: Integer overflows in GIF and JPEG readers
From:       Robert Buchholz <rbu () gentoo ! org>
Date:       2009-07-25 12:24:01
Message-ID: 200907251424.07073.rbu () gentoo ! org
[Download RAW message or body]


Hello,

oCERT reported integer overflows in camlimages when reading PNG images 
earlier this month (oCERT-2009-009), CVE-2009-2295 was assigned.

Upstream has since incorporated the RedHat patch into their CVS:
http://camlcvs.inria.fr/cgi-bin/cvsweb.cgi/bazar-ocaml/camlimages/src/?sortby=date

They also fixed similar integer overflows in gifread.c and jpegread.c 
for values that are used in memory allocations and memcpy().
At least Debian used the existing CVE identifier only for the PNG 
vulnerabilities, so a new identifier might be needed.

A stripped down [by Alexis Ballier] version of the patch is in out BZ:
https://bugs.gentoo.org/show_bug.cgi?id=276235
https://bugs.gentoo.org/attachment.cgi?id=199108


Robert

["signature.asc" (application/pgp-signature)]

[prev in list] [next in list] [prev in thread] [next in thread]