lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <20050307083038.31106.qmail@www.securityfocus.com>
Date: 7 Mar 2005 08:30:38 -0000
From: Hongzhen Zhou <felix__zhou@...mail.com>
To: bugtraq@...urityfocus.com
Subject: Re: GIMP gifload.exe GIF file (image width)*(image height)==0 DOS
    vulnerability


In-Reply-To: <20050304163537.GA24606@....org>

The bugzilla entry is http://bugzilla.gnome.org/show_bug.cgi?id=169113

The vendor has reponsed:
------- Additional Comment #2 From sven@...p.org 2005-03-03 12:51 ------- 
Added a sanity check in CVS HEAD. I don't consider this worth to be backported
to 2.2, closing as FIXED.

2005-03-03  Sven Neumann  <sven@...p.org>

	* plug-ins/common/gifload.c (ReadImage): added a sanity check for
	bogus frame dimensions. Fixes bug #169113.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ