projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 562a587) | patch
jasper: add security patches
authorGustavo Zacarias <gustavo@zacarias.com.ar>
Wed, 17 Aug 2016 01:05:54 +0000 (22:05 -0300)
committerPeter Korsgaard <peter@korsgaard.com>
Wed, 17 Aug 2016 06:39:36 +0000 (08:39 +0200)
commit61e069e164a3727b7c3a6e5ee88b3340bed0a57f
tree4c0f58aa39d9fa445ced2bb5121746e62ed9425etree
parent562a587d009e50f296c5746b2e0a37f9583db1d1commit | diff
jasper: add security patches

Fixes:
CVE-2016-2116 - Memory leak in jas_iccprof_createfrombuf causing
memory consumption.
CVE-2016-1577 - Double free vulnerability in jas_iccattrval_destroy.
CVE-2016-1867 - out-of-bounds read in the jpc_pi_nextcprl() function.
CVE-2015-5221 - Use-after-free and double-free flaws in Jasper
JPEG-2000 library.
CVE-2015-5203 - double free in jasper_image_stop_load()

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/jasper/0008-fix-CVE-2016-2116.patch [new file with mode: 0644] blob
package/jasper/0009-fix-CVE-2016-1577.patch [new file with mode: 0644] blob
package/jasper/0010-fix-CVE-2016-1867.patch [new file with mode: 0644] blob
package/jasper/0011-fix-CVE-2015-5221.patch [new file with mode: 0644] blob
package/jasper/0012-fix-CVE-2015-5203.patch [new file with mode: 0644] blob