CVE-2017-1000229

Priority
Medium
Description
Integer overflow bug in function minitiff_read_info() of optipng 0.7.6
allows an attacker to remotely execute code or cause denial of service.
Assigned-to
mdeslaur
Package
Upstream: needs-triage
Ubuntu 12.04 ESM (Precise Pangolin): DNE
Ubuntu 14.04 LTS (Trusty Tahr): released (0.6.4-1ubuntu0.14.04.2)
Ubuntu 16.04 LTS (Xenial Xerus): released (0.7.6-1ubuntu0.16.04.1)
Ubuntu 17.04 (Zesty Zapus): released (0.7.6-1ubuntu0.17.04.1)
Ubuntu 17.10 (Artful Aardvark): released (0.7.6-1ubuntu0.17.10.1)
Ubuntu 18.04 LTS (Bionic Beaver): released (0.7.6-1ubuntu1)
Patches:
Other: https://sourceforge.net/p/optipng/bugs/65/#f6bb

Updated: 2017-12-15 20:35:34 UTC (commit 13913)