November 2013 - mingw - Fedora Mailing-Lists

[Bug 1031749] CVE-2013-6630 libjpeg: information leak (read of uninitialized memory)

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1031749 Vincent Danen <vdanen(a)redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Comment #10 is|1 |0 private| | -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=rOCjFJsLQL&a=cc_unsubscribe

10 years, 4 months

1
0
0 / 0

[Bug 1031749] CVE-2013-6630 libjpeg: information leak (read of uninitialized memory)

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1031749 --- Comment #11 from Huzaifa S. Sidhpurwala <huzaifas(a)redhat.com> --- (In reply to Vincent Danen from comment #0) > Interestingly, the report at [2] indicates that libjpeg does not appear to > be affected and indicates that a "simple fix for this is to locate get_dht > in jdmarker.c and make sure that the huffval[] table is zeroed before use" > however looking at a diff (see below) of jdmarker.c in libjpeg vs > libjpeg-turbo doesn't seem to back that up (as a result this needs to be > checked a little more closely as this zeroing of the huffval[] table does > look applicable to libjpeg as well). > This issue does not affect libjpeg because there is already a check in jpeg_huff_decode(): >From jdhuff.c: 425 /* With garbage input we may reach the sentinel value l = 17. */ 426 427 if (l > 16) { 428 WARNMS(state->cinfo, JWRN_HUFF_BAD_CODE); 429 return 0; /* fake a zero as the safest result */ 430 } 431 432 return htbl->pub->huffval[ (int) (code + htbl->valoffset[l]) ]; 433 } -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=QW9Sgm7qny&a=cc_unsubscribe

10 years, 4 months

1
0
0 / 0

[Bug 1031749] CVE-2013-6630 libjpeg: information leak (read of uninitialized memory)

by Red Hat Bugzilla

10 years, 4 months

1
0
0 / 0

[Bug 1031749] CVE-2013-6630 libjpeg: information leak (read of uninitialized memory)

by Red Hat Bugzilla

10 years, 4 months

1
0
0 / 0

[Bug 1031734] CVE-2013-6629 libjpeg: information leak (read of uninitialized memory)

by Red Hat Bugzilla

10 years, 4 months

1
0
0 / 0

[Bug 1031734] CVE-2013-6629 libjpeg: information leak (read of uninitialized memory)

by Red Hat Bugzilla

10 years, 4 months

1
0
0 / 0

[Bug 1031749] CVE-2013-6630 libjpeg: information leak (read of uninitialized memory)

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1031749 Vincent Danen <vdanen(a)redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Depends On|1031740 | Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1031740 [Bug 1031740] CVE-2013-6629 mingw-libjpeg-turbo: various flaws [fedora-all] -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=pw6TcrukmR&a=cc_unsubscribe

10 years, 4 months

1
0
0 / 0

[Bug 1031749] CVE-2013-6630 libjpeg: information leak (read of uninitialized memory)

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1031749 Vincent Danen <vdanen(a)redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Depends On|1031737 | Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1031737 [Bug 1031737] CVE-2013-6629 libjpeg-turbo: various flaws [fedora-all] -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=MteE2gqld9&a=cc_unsubscribe

10 years, 4 months

1
0
0 / 0

[Bug 1031749] CVE-2013-6630 libjpeg: information leak (read of uninitialized memory)

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1031749 Vincent Danen <vdanen(a)redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Depends On|1031739 | -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=0GQLtr8GFF&a=cc_unsubscribe

10 years, 4 months

1
0
0 / 0

[Bug 1031749] CVE-2013-6630 libjpeg: information leak (read of uninitialized memory)

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1031749 Vincent Danen <vdanen(a)redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=moderate,public=2013 |impact=moderate,public=2013 |1112,reported=20131114,sour |1112,reported=20131114,sour |ce=internet,cvss2=4.3/AV:N/ |ce=internet,cvss2=4.3/AV:N/ |AC:M/Au:N/C:P/I:N/A:N,rhel- |AC:M/Au:N/C:P/I:N/A:N,rhel- |5/libjpeg=affected,rhel-6/l |5/libjpeg=affected,rhel-6/l |ibjpeg=affected,rhev-h/libj |ibjpeg=affected,rhev-h/libj |peg=affected,fedora-all/lib |peg=affected,fedora-all/lib |jpeg-turbo=affected,rhel-7/ |jpeg-turbo=notaffected,rhel |libjpeg-turbo=affected,fedo |-7/libjpeg-turbo=notaffecte |ra-all/mingw-libjpeg-turbo= |d,fedora-all/mingw-libjpeg- |affected,epel-5/mingw32-lib |turbo=notaffected,epel-5/mi |jpeg=affected |ngw32-libjpeg=affected --- Comment #10 from Vincent Danen <vdanen(a)redhat.com> --- This is actually fixed in libjpeg-turbo 1.2.90 already, so current Fedora is not affected by this flaw (in libjpeg-turbo). This was done via these two commits: http://sourceforge.net/p/libjpeg-turbo/code/740/ http://sourceforge.net/p/libjpeg-turbo/code/830/ -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=7hKalS77EH&a=cc_unsubscribe

10 years, 4 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

mingw November 2013