Hello Hugo,
thanks for update!
> Anton, you know this package better than me, would you be available to test
> the update?
I am also not an expert in the package, but sure, I will try to do it.
Regards
Anton
Am Sa., 23. Nov. 2019 um 10:25 Uhr schrieb Hugo Lefeuvre :
>
> Hi,
>
> Upstream
Hi,
Upstream seems to have merged my patch along with some more changes
regarding CVE-2019-12213[0].
I am planning to take a look at this patch and release a DLA for jessie.
The security team is also planning to release a DSA for stretch and buster.
I am already working on a jessie upload, so I
Hi Anton,
> Thanks, Hugo, for analyzing the issue in details and proposing the fix.
>
> Do you want to add the patch into the corresponding forum-thread
> in freeimage website?
yes, I have just forwarded my message to the SF thread. Let's hope upstream
will find some time to take a look at it.
Thanks, Hugo, for analyzing the issue in details and proposing the fix.
Do you want to add the patch into the corresponding forum-thread
in freeimage website?
Regards
Anton
Am Sa., 26. Okt. 2019 um 16:11 Uhr schrieb Hugo Lefeuvre :
>
> Hi,
>
> The overflow happens during the following call to
Hi,
The overflow happens during the following call to memcpy:
// convert to strip
if(x + tileWidth > width) {
src_line = imageRowSize - rowSize;
} else {
src_line = tileRowSize;
}
BYTE *src_bits = tileBuffer;
BYTE *dst_bits = bits + rowSize;
5 matches
Mail list logo
