oss-sec mailing list archives

Re: CVE request: libqt4: two memory issues
From: Tomas Hoger <thoger () redhat com>
Date: Wed, 24 Aug 2011 14:49:44 +0200

On Mon, 22 Aug 2011 10:43:23 +0200 Matthias Weckbecker wrote:

> A) buffer overflow (looks only like an off-by-one from a very quick

The fix is for 3rdparty/harfbuzz, any reason to prefer calling it a Qt,
rather than a harfbuzz / pango issue?  The code even seems to be based on
some FreeType code, though it's not obvious if FreeType was affected by
that.  Is that more than an over-read?

> B) buffer overflow on greyscale images with multiple samples per pixel

The bug is not public.

Tomas Hoger / Red Hat Security Response Team
