[3.0] imlib2: integer overflow resulting in insufficient heap allocation (CVE-2016-4024)
A vulnerability was found in imlib2. A maliciously crafted filed can
cause an integer overflow,
which will result in insufficient heap allocation.
References:
https://bugzilla.redhat.com/show\_bug.cgi?id=CVE-2016-4024
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=821732
Patch:
https://git.enlightenment.org/legacy/imlib2.git/commit/?id=7eba2e4c8ac0e20838947f10f29d0efe1add8227
(from redmine: issue id 5521, created on 2016-04-28, closed on 2016-05-13)
- Relations:
- parent #5518 (closed)
- Changesets:
- Revision 655fce2f on 2016-05-11T12:00:42Z:
main/imlib2: security fix (CVE-2016-4024). Fixes #5521
(cherry picked from commit 4ab4dc28195ac810b25649d6b25ada802248bfdf)