oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Two flaws - libjpeg and libtiff

From: Huzaifa Sidhpurwala <huzaifas () redhat com>
Date: Wed, 30 Mar 2016 15:04:06 +0530
Hi All,

We have made two security flaws public today. They were privately
reported to us by  Aladdin Mubaied. Details as follows:

1. null pointer dereference in libjpeg library in cjpeg
This is a flaw in the cjpeg utility available with the libjpeg library,
details available at:
https://bugzilla.redhat.com/show_bug.cgi?id=1318509

2. buffer-overflow in gif2tiff utility:
This is bundled with libtiff, details available at:
https://bugzilla.redhat.com/show_bug.cgi?id=1319503


-- 
Huzaifa Sidhpurwala / Red Hat Product Security Team
Previous By Date Next
Previous By Thread Next

Current thread: