Please do not reply directly to this email. All additional comments should be made in the comments box of this bug.
https://bugzilla.redhat.com/show_bug.cgi?id=504782 --- Comment #9 from Tom Lane <[email protected]> 2009-06-09 12:52:46 EDT --- Well, it would have to have a bug that causes it to process whole bytes (groups of 8 pixels) without regard to the declared image width. That seems unlikely to escape notice for long so far as "display" actions go. I suppose the most plausible route for an information leak is if the bytes get shoved directly into some other image file (either an output PNG or some other format with similar representational details), and then the attacker manages to get access to that file. I think we've previously decided that bugs in PNG-writing applications aren't really grounds for security responses, and this would effectively be in that category. -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug. _______________________________________________ fedora-mingw mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/fedora-mingw
