Overview
Request 715992 accepted
- version update to 1.2.59
Added png_check_chunk_length() function, and check all chunks except
IDAT against the default 8MB limit; check IDAT against the maximum
size computed from IHDR parameters (Fixes CVE-2017-12652).
Initialize memory allocated by png_inflate to zero, using memset, to
stop an oss-fuzz "use of uninitialized value" detection in png_set_text_2()
due to truncated iTXt or zTXt chunk.
Request History
pgajdos created request
- version update to 1.2.59
Added png_check_chunk_length() function, and check all chunks except
IDAT against the default 8MB limit; check IDAT against the maximum
size computed from IHDR parameters (Fixes CVE-2017-12652).
Initialize memory allocated by png_inflate to zero, using memset, to
stop an oss-fuzz "use of uninitialized value" detection in png_set_text_2()
due to truncated iTXt or zTXt chunk.
factory-auto added opensuse-review-team as a reviewer
Please review sources
factory-auto accepted review
Check script succeeded
staging-bot added openSUSE:Factory:Staging:adi:18 as a reviewer
Being evaluated by staging project "openSUSE:Factory:Staging:adi:18"
staging-bot accepted review
Picked openSUSE:Factory:Staging:adi:18
namtrac accepted review
licensedigger accepted review
ok
staging-bot accepted review
ready to accept
staging-bot approved review
ready to accept
dimstar_suse accepted request
Accept to openSUSE:Factory