How do you guys handle PNG/JPG binary files with potential payloads for all the image viewers?

To: debian-security@lists.debian.org
Subject: How do you guys handle PNG/JPG binary files with potential payloads for all the image viewers?
From: Corey H <user9de1d@gmail.com>
Date: Thu, 16 Jun 2022 21:54:41 +0000
Message-id: <[🔎] CA+3C0Q7uCt_d37f1bQU=xw99EVu8GXarFhHxTM=N0W9MXWcgeg@mail.gmail.com>

how do you guys test all of the potential PNG/JPG potential malware payloads for all of the image viewers (10+ at least in the repositories)?

On #debian at Libera.chat IRC network they suggested it was up to the upstream software sources to I guess....somehow???...test the awful binary formats possible that are out there...? That's a 900%responsibility and 900%dangerous for them to do that. There has got to be something we can do. But who can risk it?

Reply to:

Follow-Ups:
- Re: How do you guys handle PNG/JPG binary files with potential payloads for all the image viewers?
  - From: Davide Prina <Davide.Prina@null.net>
- Re: How do you guys handle PNG/JPG binary files with potential payloads for all the image viewers?
  - From: Samtinel <samtinel_lists@moewe.org>

Prev by Date: Re: CVE-2021-31879 | CVE-2021-38371 | CVE-2016-2781| fixed packages
Next by Date: Re: How do you guys handle PNG/JPG binary files with potential payloads for all the image viewers?
Previous by thread: Re: CVE-2021-31879 | CVE-2021-38371 | CVE-2016-2781| fixed packages
Next by thread: Re: How do you guys handle PNG/JPG binary files with potential payloads for all the image viewers?
Index(es):
- Date
- Thread