Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.
--- Comment #9 from Tom Lane <tgl(a)redhat.com> 2009-06-09 12:52:46 EDT ---
Well, it would have to have a bug that causes it to process whole bytes
(groups of 8 pixels) without regard to the declared image width. That seems
unlikely to escape notice for long so far as "display" actions go. I suppose
the most plausible route for an information leak is if the bytes get shoved
directly into some other image file (either an output PNG or some other format
with similar representational details), and then the attacker manages to get
access to that file. I think we've previously decided that bugs in PNG-writing
applications aren't really grounds for security responses, and this would
effectively be in that category.
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.