CamlImages, an open source image processing library, suffers from several
integer overflows which may lead to a potentially exploitable heap
overflow and result in arbitrary code execution.
The vulnerability is triggered by TIFF image parsing. Specific TIFF
images with large width and height can be crafted to trigger the
I had to rebase the patch against latest upstream (3.0.1).
Also the patch in comment 1 is itself somehow malformed. In
any case, I applied it by hand against the new codebase.
Built in dist-f13:
Build for F10, F11 and F12.
I can't link back to this bug in the updates, apparently
because this bug is private?
I've updated CVS for EL-4 and EL-5. However this package
was never actually built or released in those two branches,
and doesn't build because there are significant missing
Closing this one now ...
ocaml-camlimages-3.0.1-7.fc11.3 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report.
ocaml-camlimages-3.0.1-3.fc10.3 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report.
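
The integer overflow class described in the advisory text at the top of this report (large TIFF width and height leading to an undersized heap buffer), as an added example that is not CamlImages code and not the patch discussed in this bug: an unchecked 32-bit size computation beside a checked one. The function names, the bytes-per-pixel parameter and the 256 MiB cap are assumptions made for the illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>

/* Assumed policy limit for a decoded image; not a value from the page. */
#define MAX_IMAGE_BYTES ((uint64_t)256 * 1024 * 1024)

/* Unchecked pattern: the product is computed in 32-bit arithmetic and
 * wraps modulo 2^32, so the result can be far smaller than the image. */
static uint32_t naive_buffer_size(uint32_t width, uint32_t height, uint32_t bpp)
{
    return width * height * bpp;
}

/* Checked pattern: returns 0 and stores the size in *out, or returns -1
 * if a dimension is zero or the image would exceed MAX_IMAGE_BYTES. */
static int checked_buffer_size(uint32_t width, uint32_t height, uint32_t bpp,
                               size_t *out)
{
    if (width == 0 || height == 0 || bpp == 0)
        return -1;
    uint64_t row = (uint64_t)width * bpp;   /* two 32-bit values fit in 64 bits */
    if (row > MAX_IMAGE_BYTES / height)     /* division avoids a second overflow */
        return -1;
    *out = (size_t)(row * height);          /* bounded by the cap, fits size_t */
    return 0;
}

/* Allocate only when the header dimensions pass the check. */
static void *alloc_image(uint32_t w, uint32_t h, uint32_t bpp, size_t *size)
{
    if (checked_buffer_size(w, h, bpp, size) != 0)
        return NULL;
    return malloc(*size);
}

int main(void)
{
    /* Constructed header values: 65536 x 65536 pixels, 3 bytes per pixel. */
    uint32_t w = 0x10000, h = 0x10000, bpp = 3;
    size_t size = 0;
    printf("naive size: %u bytes\n", (unsigned)naive_buffer_size(w, h, bpp));
    void *buf = alloc_image(w, h, bpp, &size);
    printf("checked allocation: %s\n", buf ? "accepted" : "rejected");
    free(buf);
    return 0;
}
```

A decoder that sizes its buffer with the unchecked form and then writes width times height pixels into it writes past the end of the allocation, which is the heap overflow the advisory refers to.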