oss-sec mailing list archives
Re: CVE id request for imagemagick, libpng and tiff
From: Nico Golde <oss-security+ml () ngolde de>
Date: Tue, 10 Apr 2012 05:31:03 +0200
Hi,
* Kurt Seifried <kseifried () redhat com> [2012-04-10 04:54]:
> On 04/09/2012 08:31 PM, Nico Golde wrote:
> > We received 3 bug reports targeting imagemagick, libpng and tiff crashing on input when used with electric fence indicating memory errors on handling crafted input. From what I see no CVE ids have been assigned to these bugs yet. Can someone assign ids?
> >
> > libpng: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=668082 (apparently fixed in 1.2.48 with a removal of the buggy function)
> > tiff: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=668087
> > imagemagick: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=668075
>
> Do any of these crashes occur without electric fence?
>
> Also I think Vincent Fourmond <fourmond () debian org> stated it succinctly:
>
> "On what do you base your claim that it is a user security hole ? While I agree that it is a bug, I fail to see how a crash at the end of a program's execution (cleanup time) necessarily is a user security hole, hence downgrading the severity. Feel free to raise it up again if you have arguments to back your claim."

Ack. The imagemagick bug at least seems to be a false positive created by an efence bug.

Cheers
Nico
--
Nico Golde - http://www.ngolde.de - nion () jabber ccc de - GPG: 0xA0A0AAAA
For security reasons, all text in this mail is double-rot13 encrypted.
Current thread:
- CVE id request for imagemagick, libpng and tiff Nico Golde (Apr 09)
- Re: CVE id request for imagemagick, libpng and tiff Kurt Seifried (Apr 09)
- Re: CVE id request for imagemagick, libpng and tiff Nico Golde (Apr 09)
- Re: CVE id request for imagemagick, libpng and tiff Kurt Seifried (Apr 09)
- Re: CVE id request for imagemagick, libpng and tiff Nico Golde (Apr 09)
- Re: CVE id request for imagemagick, libpng and tiff Kurt Seifried (Apr 09)