Download
| Alert*
oval:org.secpod.oval:def:54402
advancecomp: collection of recompression utilities AdvanceCOMP could be made to run arbitrary code if it opened a specially crafted file. oval:org.secpod.oval:def:116121 AdvanceCOMP is a set of recompression utilities for .PNG, .MNG and .ZIP files. The main features are : * Recompress ZIP, PNG and MNG files using the Deflate 7-Zip implementation. * Recompress MNG files using Delta and Move optimization. This package contains: * advzip - Recompression and test utilit ... oval:org.secpod.oval:def:1801771 In AdvanceCOMP 2.1, png_compress in pngex.cc in advpng has an integer overflow upon encountering an invalid PNG size, which results in an attempted memcpy to write into a buffer that is too small oval:org.secpod.oval:def:1901787 In AdvanceCOMP 2.1, png_compress in pngex.cc in advpng has an integer overflow upon encountering an invalid PNG size, which results in an attempted memcpy to write into a buffer that is too small oval:org.secpod.oval:def:1700358 In AdvanceCOMP 2.1, png_compress in pngex.cc in advpng has an integer overflow upon encountering an invalid PNG size, which results in an attempted memcpy to write into a buffer that is too small oval:org.secpod.oval:def:205497 AdvanceCOMP is a set of recompression utilities for .PNG, .MNG and .ZIP files. Security Fix: * advancecomp: integer overflow in png_compress in pngex.cc For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pa ... oval:org.secpod.oval:def:1504431 [1.15-22] - Resolves: #1686115, integer overflow in png_compress [1.15-21] - Resolves: #1711051, CVE-2019-8383 denial of service - Resolves: #1710910, CVE-2019-8379 null pointer dereference [1.15-20] - Mass rebuild 2014-01-24 [1.15-19] - Mass rebuild 2013-12-27 [1.15-18] - Rebuilt for https://fedora ... oval:org.secpod.oval:def:704915 advancecomp: collection of recompression utilities Details: USN-3936-1 fixed a vulnerability in AdvanceCOMP. This update provides the corresponding update for Ubuntu 19.04. Original advisory AdvanceCOMP could be made to run arbitrary code if it opened a specially crafted file. oval:org.secpod.oval:def:704877 advancecomp: collection of recompression utilities AdvanceCOMP could be made to run arbitrary code if it opened a specially crafted file. |