NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4338a319b7
kumquat-buildroot/package/jasper/0011-fix-CVE-2015-5221.patch
Gustavo Zacarias 61e069e164 jasper: add security patches 
Fixes:
CVE-2016-2116 - Memory leak in jas_iccprof_createfrombuf causing
memory consumption.
CVE-2016-1577 - Double free vulnerability in jas_iccattrval_destroy.
CVE-2016-1867 - out-of-bounds read in the jpc_pi_nextcprl() function.
CVE-2015-5221 - Use-after-free and double-free flaws in Jasper
JPEG-2000 library.
CVE-2015-5203 - double free in jasper_image_stop_load()

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-08-17 08:39:36 +02:00

24 lines
728 B
Diff
Raw Blame History

From: http://pkgs.fedoraproject.org/cgit/rpms/jasper.git/plain/jasper-CVE-2015-5221.patch
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
diff -urNp jasper-1.900.1.orig/src/libjasper/mif/mif_cod.c jasper-1.900.1.new/src/libjasper/mif/mif_cod.c
--- jasper-1.900.1.orig/src/libjasper/mif/mif_cod.c 2016-08-11 13:46:26.166415464 +0200
+++ jasper-1.900.1.new/src/libjasper/mif/mif_cod.c 2016-08-11 14:17:20.507144931 +0200
@@ -569,13 +569,13 @@ static int mif_process_cmpt(mif_hdr_t *h
break;
}
}
- jas_tvparser_destroy(tvp);
if (!cmpt->sampperx || !cmpt->samppery) {
goto error;
}
if (mif_hdr_addcmpt(hdr, hdr->numcmpts, cmpt)) {
goto error;
}
+ jas_tvparser_destroy(tvp);
return 0;
error:
Reference in New Issue View Git Blame Copy Permalink