oss-sec mailing list archives

Re: CVE Request: Use-after-free in optipng 0.6.4


From: Stefan Cornelius <scorneli () redhat com>
Date: Sat, 19 Sep 2015 18:01:39 +0200

On Wed, 16 Sep 2015 08:11:03 -0300
Gustavo Grieco <gustavo.grieco () gmail com> wrote:

> We found a use-after-free causing an invalid/double free in optipng
> 0.6.4. Upstream is working on fixing it, but keep in mind that optipng
> 0.6.x is officially unsupported. A CVE will be useful since such a
> version is included in distros like Debian and Ubuntu. Please find
> attached the test case to trigger it.

Hi,

For some reason the attached image test case didn't make it through.
Gustavo was kind enough to email me a copy and asked me to add it to
our bug for easy public access.

Direct link:
https://bugzilla.redhat.com/attachment.cgi?id=1075212

Our bug for this issue is here:
https://bugzilla.redhat.com/show_bug.cgi?id=1264015

PS: FYI, "On September 20th, 2015, 0:00 UTC we will be upgrading the Red
Hat Bugzilla servers in a migration process lasting 10 to 14 hours."

Thanks,
-- 
Stefan Cornelius / Red Hat Product Security

