Hi!
Our OSS-Fuzz fuzzing effort (
https://testing.googleblog.com/2016/12/announcing-oss-fuzz-continuous-fuzzing.html)
has located several potential issues in lcms library (crash, heap use after
free, heap buffer overflow) using the fuzz targets we developed (
https://github.com/google/oss-fuzz/tree/master/projects/lcms)
These crashes are now filed in a security-protected monorail tracker (
https://bugs.chromium.org/p/oss-fuzz/issues/list) and we'd like to find
lcms developers to take a look at them.
We will CC developers on these issues to give them access to stack traces
and reproducer data. For that we'd need an e-mail with associated gmail
account.
We will also set up the process to auto-CC these e-mails when we find more
issues.
--
Mike
Sent from phone
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
Lcms-user mailing list
Lcms-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lcms-user
