[Lcms-user] ANNOUNCE: Security patch for 1.18
An ICC-based CMM for color management
From: Marti.Maria <mar...@li...> - 2009-04-19 14:28:57
Dear LittleCMS community:

A null pointer dereference flaw was found in LittleCMS 1.18 when handling transformations on monochrome profiles. See attached a patch for lcms-1.18 that corrects this bug.

I have repacked the distribution, applying this patch, to become: lcms-1.18a

Severity: Low.

Description: Monochrome matrix-shaper profiles, when used as output, may raise a NULL dereference when the curves are malformed.

Comments: No code injection can be done using this bug. Using monochrome profiles is rare, and using them in the output direction is a corner case. This bug is only exploitable if the application uses monochrome output, and then the crafted profile should be in the output direction. It does not affect input profiles, so an attacker could NOT use this flaw by creating a specially-crafted image.

Patch contains: A check is performed and the function returns NULL when such an error is detected.

Many thanks to Robert Buchholz, from Gentoo, for providing the patch.

Copyright (C) 2009 Marti Maria

Permission is hereby granted, free of charge, to any person obtaining
a copy of this software and associated documentation files (the "Software"),
to deal in the Software without restriction, including without limitation
the rights to use, copy, modify, merge, publish, distribute, sublicense,
and/or sell copies of the Software, and to permit persons to whom the Software
is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO
THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

Best regards
Marti Maria
The LittleCMS project
http://www.littlecms.com
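The defect and the fix described in the announcement, as an added example that is not LittleCMS code: a toy model of a monochrome matrix-shaper profile whose gray curve must be inverted for the output direction (an assumed step, which is why only output profiles are affected in this model), with the hardened builder returning NULL on a malformed curve instead of dereferencing it. All names (GrayCurve, MonoProfile, build_gray_output_shaper, the sample profiles) are hypothetical.

```c
#include <stdlib.h>

/* Illustrative model, not LittleCMS code: a gray tone curve stored as a 16-bit
   table, and a monochrome matrix-shaper profile carrying one. */
typedef struct { unsigned nEntries; unsigned short *table; } GrayCurve;
typedef struct { GrayCurve *grayTRC; } MonoProfile;
typedef struct { GrayCurve *toDevice; } GrayOutputShaper;

/* Assumed output-path step: the curve is inverted so PCS luminance can be mapped
   back to device gray. A malformed curve (no table or fewer than two entries)
   cannot be inverted, so NULL is returned instead of a bogus curve. */
static GrayCurve *reverse_curve(const GrayCurve *in) {
    if (in == NULL || in->table == NULL || in->nEntries < 2) return NULL;
    GrayCurve *out = malloc(sizeof *out);
    if (out == NULL) return NULL;
    out->nEntries = in->nEntries;
    out->table = malloc(in->nEntries * sizeof *out->table);
    if (out->table == NULL) { free(out); return NULL; }
    unsigned last = in->nEntries - 1;
    for (unsigned i = 0; i <= last; i++) {
        unsigned short y = (unsigned short)(i * 65535UL / last);
        unsigned j = 0;                   /* first input whose output reaches y */
        while (j < last && in->table[j] < y) j++;
        out->table[i] = (unsigned short)(j * 65535UL / last);
    }
    return out;
}

/* Hardened builder. The unpatched flow used the inverted curve directly, so a
   malformed profile dereferenced NULL; the added check makes the builder fail
   cleanly and lets the caller reject the profile. */
GrayOutputShaper *build_gray_output_shaper(const MonoProfile *p) {
    GrayCurve *inv = reverse_curve(p != NULL ? p->grayTRC : NULL);
    if (inv == NULL) return NULL;         /* the added check */
    GrayOutputShaper *s = malloc(sizeof *s);
    if (s == NULL) { free(inv->table); free(inv); return NULL; }
    s->toDevice = inv;
    return s;
}

/* Map PCS luminance (0..65535) to device gray through a built shaper. */
unsigned short gray_output_eval(const GrayOutputShaper *s, unsigned short y) {
    unsigned last = s->toDevice->nEntries - 1;
    return s->toDevice->table[(unsigned)((unsigned long)y * last / 65535UL)];
}

/* Constructed sample profiles: a well-formed curve and a malformed one. */
static unsigned short sample_table[3] = {0, 32768, 65535};
static GrayCurve sample_good = {3, sample_table}, sample_bad = {0, NULL};
MonoProfile sample_ok_profile = {&sample_good}, sample_malformed_profile = {&sample_bad};
```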