From owner-freebsd-ports-bugs@FreeBSD.ORG Wed Jul 18 20:30:15 2012 Return-Path: Delivered-To: freebsd-ports-bugs@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 938D8106571E for ; Wed, 18 Jul 2012 20:30:15 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 2966C8FC21 for ; Wed, 18 Jul 2012 20:30:13 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q6IKUDu3097010 for ; Wed, 18 Jul 2012 20:30:13 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.5/8.14.5/Submit) id q6IKUDKi097007; Wed, 18 Jul 2012 20:30:13 GMT (envelope-from gnats) Date: Wed, 18 Jul 2012 20:30:13 GMT Message-Id: <201207182030.q6IKUDKi097007@freefall.freebsd.org> To: freebsd-ports-bugs@FreeBSD.org From: dfilter@FreeBSD.ORG (dfilter service) Cc: Subject: Re: ports/169963: commit references a PR X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: dfilter service List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 18 Jul 2012 20:30:15 -0000 The following reply was made to PR ports/169963; it has been noted by GNATS. From: dfilter@FreeBSD.ORG (dfilter service) To: bug-followup@FreeBSD.org Cc: Subject: Re: ports/169963: commit references a PR Date: Wed, 18 Jul 2012 20:28:57 +0000 (UTC) Author: cs Date: Wed Jul 18 20:28:47 2012 New Revision: 301124 URL: http://svn.freebsd.org/changeset/ports/301124 Log: Document buffer overflow in jpeg-turbo PR: ports/169963 Submitted by: Denis E Podolskiy Security: CVE-2012-2806 Modified: head/security/vuxml/vuln.xml Modified: head/security/vuxml/vuln.xml ============================================================================== --- head/security/vuxml/vuln.xml Wed Jul 18 20:26:20 2012 (r301123) +++ head/security/vuxml/vuln.xml Wed Jul 18 20:28:47 2012 (r301124) @@ -52,6 +52,41 @@ Note: Please add new entries to the beg --> + + libjpeg-turbo -- heap-based buffer overflow + + + libjpeg-turbo + 1.2.0 + + + + +

+
The Changelog for version 1.2.1 says: Fixed a regression caused by + 1.2.0[6] in which decompressing corrupt JPEG images (specifically, + images in which the component count was erroneously set to a large + value) would cause libjpeg-turbo to segfault.
+

+
A Heap-based buffer overflow was found in the way libjpeg-turbo + decompressed certain corrupt JPEG images in which the component count + was erroneously set to a large value. An attacker could create a + specially-crafted JPEG image that, when opened, could cause an + application using libpng to crash or, possibly, execute arbitrary code + with the privileges of the user running the application.
+

+ + + + CVE-2012-2806 + + + 2012-05-31 + 2012-07-18 + + + Dokuwiki -- cross site scripting vulnerability _______________________________________________ svn-ports-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-ports-all To unsubscribe, send any mail to "svn-ports-all-unsubscribe@freebsd.org"