Re: secure(er) image viewer?

2014-11-24 Thread Ted Unangst
On Sun, Nov 23, 2014 at 21:13, Jonathan Thornburg wrote:
> Libraries for loading/parsing/processing common image formats like
> JPEG, PNG, GIF, TIFF, etc, have a long history of buffer overruns and
> other security problems. This in turn has been reflected in various
> exploits for command-line im

Re: secure(er) image viewer?

2014-11-23 Thread Theo de Raadt
> Do we (OpenBSD) have any image-viewing software that's written to
> OpenBSD-style security standards? Notably, do we have any image-viewing
> software that's privilege-separated? (I.e., which does the (dangerous)
> image parsing/processing in a separate process which is chrooted, sending
> back

secure(er) image viewer?

2014-11-23 Thread Jonathan Thornburg
Libraries for loading/parsing/processing common image formats like JPEG, PNG, GIF, TIFF, etc, have a long history of buffer overruns and other security problems. This in turn has been reflected in various exploits for command-line image-viewing tools like xv(1), xloadimage(1), display(1) [ImageMag