oss-sec mailing list archives
Re: librsvg and cairo are causing libpng to write out-of-bounds
From: John Bowler <john.cunningham.bowler () gmail com>
Date: Thu, 6 Oct 2016 17:02:16 -0700
The bug is not specific to librsvg. This instance happens in write_png inside cairo-png.c, but the actual bug is elsewhere. Other exploits probably exist using things other than PNG and SVG. I think this needs to be CVE'ed immediately. -- John Bowler <john.cunningham.bowler () gmail com> +1 (541) 450-9885 PO BOX 3151 KERBY OR 97531-3151 USA
Current thread:
- librsvg and cairo are causing libpng to write out-of-bounds Gustavo Grieco (Oct 05)
- Re: librsvg and cairo are causing libpng to write out-of-bounds Glenn Randers-Pehrson (Oct 06)
- <Possible follow-ups>
- Re: librsvg and cairo are causing libpng to write out-of-bounds John Bowler (Oct 06)
- Re: Re: librsvg and cairo are causing libpng to write out-of-bounds Gustavo Grieco (Oct 26)
- Re: librsvg and cairo are causing libpng to write out-of-bounds cve-assign (Oct 26)
- Re: Re: librsvg and cairo are causing libpng to write out-of-bounds Gustavo Grieco (Oct 26)