oss-sec mailing list archives
CVE request: graphviz buffer overflow while parsinf DOT file
From: Thomas Biege <thomas () suse de>
Date: Wed, 15 Oct 2008 13:59:29 +0200
Hi, was a CVE-ID assigned to the following issue already? ------------------------------- The graphviz team has just released a patch to a critical security issue I reported to them. The following is the advisory (also available at http://roeehay.blogspot.com/2008/10/graphviz-buffer-overflow-code-execution.html): Background ========== Graphviz is an open-source multi-platform graph visualization software. It takes a description of graphs in a simple text format (DOT language), and makes diagrams out of it in several useful formats (including SVG). ... ------------------------------- -- Bye, Thomas -- Thomas Biege <thomas () suse de>, SUSE LINUX, Security Support & Auditing SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg) -- Hamming's Motto: The purpose of computing is insight, not numbers. -- Richard W. Hamming
Current thread:
- CVE request: graphviz buffer overflow while parsinf DOT file Thomas Biege (Oct 15)
- Re: CVE request: graphviz buffer overflow while parsinf DOT file Tomas Hoger (Oct 15)