a5e8c81875
Current git contains fixes for a number of post-2.3.0 security issues:
git shortlog --no-merges -i --grep cve --grep overflow --grep zero v2.3.0..
Even Rouault (2):
Avoid out-of-bounds write overflow due to uint32 overflow computation on images with huge dimensions.
color_apply_icc_profile: avoid potential heap buffer overflow
Hugo Lefeuvre (4):
convertbmp: fix issues with zero bitmasks
jp3d/jpwl convert: fix write stack buffer overflow
jp2: convert: fix null pointer dereference
convertbmp: detect invalid file dimensions early
Karol Babioch (2):
jp3d: Replace sprintf() by snprintf() in volumetobin()
opj_mj2_extract: Check provided output prefix for length
Stefan Weil (1):
Fix some potential overflow issues (#1161)
Young_X (5):
[MJ2] To avoid divisions by zero / undefined behaviour on shift
[JPWL] fix CVE-2018-16375
[JPWL] imagetotga(): fix read heap buffer overflow if numcomps < 3 (#987)
[JPWL] opj_compress: reorder checks related to code block dimensions to avoid potential int overflow
[JP3D] To avoid divisions by zero / undefined behaviour on shift (CVE-2018-14423
ichlubna (1):
openjp3d: Int overflow fixed (#1159)
setharnold (1):
fix unchecked integer multiplication overflow
Drop now upstreamed 0004-install-static-lib.patch.
Add a hash for the LICENSE file.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4 lines
231 B
Plaintext
4 lines
231 B
Plaintext
# Locally computed:
|
|
sha256 3389a1aa908c2b577863da213db3a170df3edbb1432e99ae5fd3f2ac721d69d3 openjpeg-51f097e6d5754ddae93e716276fe8176b44ec548.tar.gz
|
|
sha256 a6af136f3e15038a666b61f376612a07d9a4e48cb7c01adbf3e33b3f14ab49b6 LICENSE
|