An old project that GP had used for stegnography research has gotten a CVE submitted against it for an out-of-bound write which causes crashes and potential CE (I'm guessing).
The details are hazy, but we ported this utility to Android in order to be able to run stegnographic detection from an App. The effort never really materialized. project: https://github.com/abeluck/stegdetect/issues/10 CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18599 I've updated the README of the project to make it clear that I don't maintain the project. Nor am I the original author. The repo is just a code mirror of the now dead original source: original (dead): http://www.outguess.org/detection.html archive: https://web.archive.org/web/20150415213536/http://www.outguess.org/detection.php I've no plans to do anything about this. But I wanted to share this in case anyone is actually using stegdetect. ~abel
signature.asc
Description: OpenPGP digital signature
_______________________________________________ List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev To unsubscribe, email: [email protected]
