Описание
Security update for optipng
This update for optipng fixes the following issues:
Security issue fixed:
- CVE-2017-1000229: Fix integer overflow bug in function minitiff_read_info() allows an attacker to remotely execute code or cause denial of service (boo#1068720).
- CVE-2017-16938: Fix a global buffer overflow that allows attackers to cause DoS via a maliciously crafted GIF file (bsc#1069774).
Список пакетов
openSUSE Leap 42.2
optipng-0.7.5-14.1
openSUSE Leap 42.3
optipng-0.7.5-14.1
Ссылки
- E-Mail link for openSUSE-SU-2017:3162-1
- SUSE Security Ratings
Описание
Integer overflow bug in function minitiff_read_info() of optipng 0.7.6 allows an attacker to remotely execute code or cause denial of service.
Затронутые продукты
openSUSE Leap 42.2:optipng-0.7.5-14.1
openSUSE Leap 42.3:optipng-0.7.5-14.1
Ссылки
- CVE-2017-1000229
- SUSE Bug 1068720
Описание
A global buffer overflow in OptiPNG 0.7.6 allows remote attackers to cause a denial-of-service attack or other unspecified impact with a maliciously crafted GIF format file, related to an uncontrolled loop in the LZWReadByte function of the gifread.c file.
Затронутые продукты
openSUSE Leap 42.2:optipng-0.7.5-14.1
openSUSE Leap 42.3:optipng-0.7.5-14.1
Ссылки
- CVE-2017-16938
- SUSE Bug 1069774