oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE request (libpng)

From: Pınar Yanardağ <pinar () pardus org tr>
Date: Tue, 09 Sep 2008 06:16:33 +0300
Hi all,
libpng 1.2.32beta01 fixes an off-by-one error within the "png_push_read_zTXt()" function in pngread.c when processing malicious PNG images with specially crafted zTXt chunks. 

From release notes [1]:
*Notes:* Fixed 1-byte buffer overflow in pngpread.c Fixed 1-byte buffer overflow in pngtest.c 

[1]: http://sourceforge.net/project/shownotes.php?release_id=624518
Reference: http://sourceforge.net/tracker/index.php?func=detail&aid=2095669&group_id=5624&atid=105624 

Cheers,

--
Pınar Yanardağ
http://pinguar.org
_____________________________

"Always program as if the person who will be maintaining your program is a violent psychopath that knows where you 
live."
-- Martin Golding
Previous By Date Next
Previous By Thread Next

Current thread: