oss-sec mailing list archives
CVE Request: icoutils: exploitable crash in wrestool programm
From: Salvatore Bonaccorso <carnil () debian org>
Date: Sun, 8 Jan 2017 09:45:01 +0100
Hi Choongwoo Han reported[0] an exploitable crash in wrestool from the icoutils[1]. The command line tools is e.g. used in KDE's metadataparsing, c.f. [2]. A patch is available in the Debian packaging[3]. Could you please assign a CVE for this issue? Regards, Salvatore [0] https://bugs.debian.org/850017 [1] http://www.nongnu.org/icoutils/ [2] https://codesearch.debian.net/search?q=wrestool&perpkg=1 [3] https://anonscm.debian.org/git/users/cjwatson/icoutils.git/plain/debian/patches/check-offset-overflow.patch
Current thread:
- CVE Request: icoutils: exploitable crash in wrestool programm Salvatore Bonaccorso (Jan 08)
- Re: CVE Request: icoutils: exploitable crash in wrestool programm cve-assign (Jan 08)
- Re: Re: CVE Request: icoutils: exploitable crash in wrestool programm Salvatore Bonaccorso (Jan 09)
- Re: CVE Request: icoutils: exploitable crash in wrestool programm cve-assign (Jan 10)
- Re: Re: CVE Request: icoutils: exploitable crash in wrestool programm Salvatore Bonaccorso (Jan 09)
- Re: CVE Request: icoutils: exploitable crash in wrestool programm cve-assign (Jan 08)