XEROF

 

xlsgen 4.0.0.16 : Security update


Build 4.0.0.16 of xlsgen is a security update related to a library dependency of xlsgen core called libPNG.

libPNG (PNG is short for Portable Network Graphics), is the official library for reading and writing PNG pictures.

We are using the latest version of libPNG, where a number of vulnerabilities have been closed compared to the version of libPNG we are using until now.

CVE 2015 7981 : potential out-of-bounds read in png_set_tIME()/png_convert_to_rfc1123() and an out-of-bounds write in png_get_PLTE()/png_set_PLTE().

CVE 2015 8126 : potential pointer overflow/underflow in png_handle_sPLT()/png_handle_pCAL() (and in png_handle_iTXt()/png_handle_zTXt() in the pre-1.6 branches), and all such versions likewise have a bug in their png_set_PLTE() implementations that left it open to the out-of-bounds write .

CVE 2015 8540 : potential out-of-bounds read in png_check_keyword().

Posted on 20-January-2016 21:40 | Category: xlsgen, Excel generator | comment[0] | trackback[0]

 

 

<-- previous page

< January >
0102030405
0607080910
1112131415
1617181920
2122232425
2627282930
31



 

 

This site
Home
Articles

DevTools
CPU-Z
EditPlus
ExplorerXP
Kill.exe
OllyDbg
DependencyWalker
Process Explorer
autoruns.exe
Araxis
COM Trace injection
CodeStats
NetBrute
FileMon/Regmon
BoundsChecker
AQTime profiler
Source monitor
GDI leaks tracking
Rootkit revealer
Rootkit removal
RunAsLimitedUser(1)
RunAsLimitedUser(2)

 

 

Liens
Le Plan B
Un jour à Paris
Meneame
Rezo.net (aggr)
Reseau voltaire
Cuba solidarity project
Le grand soir
L'autre journal
Le courrier suisse
L'Orient, le jour
Agoravox (aggr)