On Sun, 2012-04-08 at 20:01 +0200, Mikulas Patocka wrote:
> install links2 and electric-fence package
> run:
> LD_PRELOAD=/usr/lib/libefence.so EF_ALIGNMENT=0 links2 -g http://artax.karlin.mff.cuni.cz/~mikulas/debian-libtiff-bug/debian-libpng-1.2.44-crash.png
>
> You get a crash in inflate.

Have you actually verified that the crash has any security impact, or is this just conjecture?

> I tried it on upstream libpng, upstream versions up to 1.2.47 crash.
> 1.2.48 and 1.2.49 don't crash.
[...]
> This bug is already fixed in libpng-1.2.48 (the buggy function
> png_push_read_zTXt is removed), but Debian didn't backport the fix.

Removal of functions from shared libraries isn't really something that's going to get backported.

Regards,

Adam