[Png-mng-security] potentially serious memory handling error in libpng

glennrp at comcast.net glennrp at comcast.net
Wed Feb 4 20:46:41 UTC 2009


I omitted the code to fix two of the instances in the gamma_16 handler. 
This is fixed in libpng-1.2.35beta02 which you can find at 
http://www.simplesystems.org/users/glennrp/sbo/lp1235b02 

Glenn 

----- Original Message ----- 
From: glennrp at comcast.net 
To: "Tavis Ormandy" <taviso at sdf.lonestar.org> 
Cc: scarybeasts at gmail.com, png-mng-security at simple.dallas.tx.us 
Sent: Wednesday, February 4, 2009 2:37:47 PM GMT -05:00 US/Canada Eastern 
Subject: Re: [Png-mng-security] potentially serious memory handling error in libpng 


SECURITY SENSITIVE 

I forgot to include the URL, which is 

http://www.simplesystems.org/users/glennrp/sbo/lp1235b01 

Glenn 

----- Original Message ----- 
From: glennrp at comcast.net 
To: "Tavis Ormandy" <taviso at sdf.lonestar.org> 
Cc: scarybeasts at gmail.com, png-mng-security at simple.dallas.tx.us 
Sent: Wednesday, February 4, 2009 2:25:45 PM GMT -05:00 US/Canada Eastern 
Subject: Re: [Png-mng-security] potentially serious memory handling error in libpng 


SECURITY SENSITIVE 

Libpng-1.2.35beta01 addresses this vulnerability... 
_______________________________________________ Png-mng-security mailing list Png-mng-security at simplesystems.org http://www.simplesystems.org/mailman/listinfo/png-mng-security 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osuosl.org/pipermail/png-mng-security-archive/attachments/20090204/ce44d3b7/attachment.html>


More information about the png-mng-security-archive mailing list