oss-sec mailing list archives
CVE request: Out-of-Bound read and write issues in put1bitbwtile()(tiff-4.0.7/libtiff/tif-getimage.c:1352) and putgreytile()(tiff-4.0.7/libtiff/tif-getimage.c:1288)
From: chunibalon <chunibalon () gmail com>
Date: Tue, 31 Jan 2017 13:17:43 +0800
Hi: These issues were discovered via libtiff 4.0.7, however after upstream analysis they were found that they are in netpbm(10.47.63) The url of bug tracker: http://bugzilla.maptools.org/show_bug.cgi?id=2654 http://bugzilla.maptools.org/show_bug.cgi?id=2655 Then I mailed the maintainer of netpbm and he promised fix them in the next Netpbm Super Stable release (the release series I tested) at the end of March. Could you please assign CVE id's for these? Best Regards, chunibalon of VARAS@IIE
Current thread:
- CVE request: Out-of-Bound read and write issues in put1bitbwtile()(tiff-4.0.7/libtiff/tif-getimage.c:1352) and putgreytile()(tiff-4.0.7/libtiff/tif-getimage.c:1288) chunibalon (Jan 30)
- Re: CVE request: Out-of-Bound read and write issues in put1bitbwtile()(tiff-4.0.7/libtiff/tif-getimage.c:1352) and putgreytile()(tiff-4.0.7/libtiff/tif-getimage.c:1288) cve-assign (Feb 01)
- <Possible follow-ups>
- CVE request: Out-of-Bound read and write issues in put1bitbwtile()(tiff-4.0.7/libtiff/tif-getimage.c:1352) and putgreytile()(tiff-4.0.7/libtiff/tif-getimage.c:1288) chunibalon (Jan 30)