oss-sec mailing list archives

CVE Requests for read out of bound in libpng

From: xiaoqixue_1 <xiaoqixue_1 () 163 com>
Date: Mon, 26 Oct 2015 11:02:32 +0800 (CST)



Hi, 
there is a memory read out of bound in libpng 1.2.* and 1.4.* , which is used in many operate systems and applications. 
it may leak information in the application .


this bug has been accepted and fixed in LIBPNG :
http://sourceforge.net/p/libpng/bugs/241/



Thanks


Best Regards.


xqx12

Current thread:

CVE Requests for Drupal contributed modules (from SA-CONTRIB-2015-132 to SA-CONTRIB-2015-156) Pere Orga (Oct 14)
- <Possible follow-ups>
- Re: CVE Requests for Drupal contributed modules (from SA-CONTRIB-2015-132 to SA-CONTRIB-2015-156) Evans, Jonathan L. (Oct 21)
  - Re: CVE Requests for Drupal contributed modules (from SA-CONTRIB-2015-132 to SA-CONTRIB-2015-156) Pere Orga (Oct 24)
    - CVE Requests for read out of bound in libpng xiaoqixue_1 (Oct 25)
    - Re: CVE Requests for read out of bound in libpng cve-assign (Oct 26)
    - RE: CVE Requests for Drupal contributed modules (from SA-CONTRIB-2015-132 to SA-CONTRIB-2015-156) Evans, Jonathan L. (Oct 26)