[3.4] lcms2: Out-of-bounds read in Type_MLU_Read() (CVE-2016-10165)
An out-of-bounds read in cmstypes.c in Type_MLU_Read function was found, leading to heap memory leak triggered by crafted ICC profile.
Patch:
https://github.com/mm2/Little-CMS/commit/5ca71a7bc18b6897ab21d815d15e218e204581e2
Reference:
http://seclists.org/oss-sec/2016/q3/288
(from redmine: issue id 6779, created on 2017-01-31, closed on 2017-02-02)
- Relations:
- parent #6776 (closed)
- Changesets:
- Revision f86d34d3 by Sergei Lukin on 2017-02-01T13:15:21Z:
main/lcms2: security upgrade to 2.8 - fixes #6779
CVE-2016-10165: Out-of-bounds read in Type_MLU_Read()