oss-sec mailing list archives
CVE request: MuPDF Stack-based Buffer Overflow in xps_parse_color()
From: Murray McAllister <mmcallis () redhat com>
Date: Fri, 14 Feb 2014 12:53:34 +1100
Hello,A stack-based buffer overflow in MuPDF's xps_parse_color() function was reported. Full details in http://www.hdwsec.fr/blog/mupdf.html
Upstream bug: http://bugs.ghostscript.com/show_bug.cgi?id=694957Upstream fix: http://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=60dabde18d7fe12b19da8b509bdfee9cc886aafc
Red Hat bug: https://bugzilla.redhat.com/show_bug.cgi?id=1056699 Thanks, -- Murray McAllister / Red Hat Security Response Team
Current thread:
- CVE request: MuPDF Stack-based Buffer Overflow in xps_parse_color() Murray McAllister (Feb 13)
- Re: CVE request: MuPDF Stack-based Buffer Overflow in xps_parse_color() cve-assign (Feb 18)