Firstly, the bug was in fact a double free, so there is
no chance of arbitrary code execution unless your
system's malloc library is very buggy.
Secondly, the bug was present in a single utility,
iccdump, and is not a bug in icclib, and therefore
does not affect general ICC profile access
(i.e. it affected no programs other than iccdump in ArgyllCMS).
Thirdly, this was fixed in ArgyllCMS Release 1.4.0, released
on 20th April, nearly a month ago.
Posted May 17, 2012 20:04 UTC (Thu) by jimparis (subscriber, #38647)
This report is about a security update in FC16, not the original upstream release.
Why do you claim a double-free is not exploitable? They most certainly are, in general; is there something about iccdump's particular bug that makes it not?
Posted May 17, 2012 20:16 UTC (Thu) by jimparis (subscriber, #38647)
(replying to myself)
It also seems overly defensive to say that this is only a bug in iccdump and not a bug in icclib. As far as I can tell iccdump.c did not change at all between 1.3.7 and 1.4.0, but rather the fix was located in icc/icc.c, which means the bug *was* compiled into icclib. Maybe what you meant is that iccdump is the only program you're *aware* of that used the vulnerable function, but that doesn't mean someone else wasn't also calling it.