projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a3b1f28) | patch
package/openjpeg: fix CVE-2020-8112
authorFabrice Fontaine <fontaine.fabrice@gmail.com>
Sat, 29 Feb 2020 20:24:42 +0000 (21:24 +0100)
committerYann E. MORIN <yann.morin.1998@free.fr>
Sun, 1 Mar 2020 09:42:34 +0000 (10:42 +0100)
commit190964b66806dd6c2c65151cec1ea259fd4855c4
tree71a8b71746f650e7f2f8507a51cd72065857af2btree
parenta3b1f2885eeaf610eb98c5f419ece9d71e33e9c8commit | diff
package/openjpeg: fix CVE-2020-8112

opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through
2020-01-28 has a heap-based buffer overflow in the qmfbid==1 case, a
different issue than CVE-2020-6851.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
package/openjpeg/0007-opj_tcd_init_tile-avoid-integer-overflow.patch [new file with mode: 0644] blob
package/openjpeg/openjpeg.mk diff | blob | history