1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
|
PublicDateAtUSN: 2015-10-12
Candidate: CVE-2015-7802
PublicDate: 2016-04-20
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7802
http://www.openwall.com/lists/oss-security/2015/10/10/2
http://www.ubuntu.com/usn/usn-2951-1
Description:
gifread.c in gif2png, as used in OptiPNG before 0.7.6, allows remote
attackers to cause a denial of service (uninitialized memory read) via a
crafted GIF file.
Ubuntu-Description:
Notes:
Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1265956
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=801700
Priority: negligible
Discovered-by: Gustavo Grieco
Assigned-to: mdeslaur
Patches_optipng:
upstream_optipng: released (0.7.6)
precise_optipng: released (0.6.4-1ubuntu0.12.04.1)
trusty_optipng: released (0.6.4-1ubuntu0.14.04.1)
vivid_optipng: ignored (reached end-of-life)
vivid/stable-phone-overlay_optipng: DNE
vivid/ubuntu-core_optipng: DNE
wily_optipng: released (0.7.5-1ubuntu0.1)
devel_optipng: not-affected (0.7.6-1)
|