CVE-2016-8685 in potrace

To: debian-lts@lists.debian.org
Subject: CVE-2016-8685 in potrace
From: Hugo Lefeuvre <hle@debian.org>
Date: Thu, 30 Mar 2017 16:29:38 +0200
Message-id: <[🔎] 20170330142938.dlwobb5e7v3yugn3@hle-laptop.local>

Hi,

potrace is affected by CVE-2016-8685 causing invalid memory
access and crash via crafted BMP images. This issue has already been
fixed since January in Stretch, and I wanted to backport the patch
for wheezy, but it turned out to be harder than excepted.

In fact the patch applies well, but it doesn't solve the issue when
potrace is built with optimization flags -O2 and above.

I tried to debug it, but debugging with optimization flags >2 is not very
handy. I also asked potrace's maintainer Bartosz Fenski, but he did not
answer yet.

Any advice about how to solve this kind of problems ?

Otherwise, if nobody is against it, I'd mark the issue no-dsa (the
issue is already no-dsa for Jessie).

Cheers,
 Hugo

-- 
             Hugo Lefeuvre (hle)    |    www.owl.eu.com
4096/ ACB7 B67F 197F 9B32 1533 431C AC90 AC3E C524 065E

Attachment: signature.asc
Description: PGP signature

Reply to:

Prev by Date: Re: exim4 & libgnutls26: "A TLS packet with unexpected length was received."
Next by Date: Re: Bug#761945: fixing links for DLAs in the security tracker
Previous by thread: Re: exim4 & libgnutls26: "A TLS packet with unexpected length was received."
Next by thread: improving the report-vuln script
Index(es):
- Date
- Thread