Overview
Request 430385 accepted
- update to 1.3.25:
  * EscapeParenthesis(): I was notified by Gustavo Grieco of a heap
    overflow in EscapeParenthesis() used in the text annotation code.
    While not being able to reproduce the issue, the implementation of
    this function is completely redone.
  * Utah RLE: Reject truncated/absurd files which caused huge memory
    allocations and/or consumed huge CPU. Problem was reported by
    Agostino Sarubbo based on testing with AFL.
  * SVG/MVG: Fix another case of CVE-2016-2317 (heap buffer overflow) in
    the MVG rendering code (also impacts SVG).
  * TIFF: Fix heap buffer read overflow while copying sized TIFF
    attributes. Problem was reported by Agostino Sarubbo based on
    testing with AFL.
Request History
pgajdos created request
licensedigger accepted review
factory-auto added factory-repo-checker as a reviewer
Please review build success
factory-auto accepted review
Check script succeeded
dimstar_suse added as a reviewer
Being evaluated by staging project "openSUSE:Factory:Staging:adi:83"
dimstar_suse accepted review
Picked openSUSE:Factory:Staging:adi:83
factory-repo-checker accepted review
Builds for repo openSUSE:Factory:Staging:adi:83/standard
dimstar_suse accepted review
ready to accept
dimstar_suse approved review
ready to accept
dimstar_suse accepted request
Accept to openSUSE:Factory