332a851a08
Add 0003-test-asclen-CVE-2018-19540.patch: If txtdesc->asclen is < 1, the array index of txtdesc->ascdata will be negative which causes the heap based overflow. Patch was proposed upstream[1] but upstream is very inactive. Linux distributions use the same fix to patch their packages. 1: https://github.com/mdadams/jasper/pull/198 Signed-off-by: Michael Vetter <jubalh@iodoru.org> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> |
||
|---|---|---|
| .. | ||
| 0001-verify-data-range-CVE-2018-19541.patch | ||
| 0002-check-null-in-jp2_decode-CVE-2018-19542.patch | ||
| 0003-test-asclen-CVE-2018-19540.patch | ||
| Config.in | ||
| jasper.hash | ||
| jasper.mk | ||