** No longer affects: lcms2 (Ubuntu Yakkety) -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1679989
Title: CVE-2016-10165: heap OOB read parsing crafted ICC profile Status in lcms2 package in Ubuntu: Confirmed Status in lcms2 source package in Precise: Confirmed Status in lcms2 source package in Trusty: Confirmed Status in lcms2 source package in Xenial: Confirmed Status in lcms2 source package in Zesty: Confirmed Status in lcms2 source package in Artful: Confirmed Status in lcms2 package in Debian: Fix Released Bug description: The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lcms2/+bug/1679989/+subscriptions _______________________________________________ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp