projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 59b3b3e) | patch
jasper: add patches to fix CVE-2014-8137 and CVE-2014-8138
authorGustavo Zacarias <gustavo@zacarias.com.ar>
Fri, 19 Dec 2014 18:32:18 +0000 (15:32 -0300)
committerPeter Korsgaard <peter@korsgaard.com>
Fri, 19 Dec 2014 20:41:17 +0000 (21:41 +0100)
commitb6e4e9de41c52cafbb7fe708333731ca0ddecaa4
tree89119ffab659dcff2565e71163817fcb55cd588atree
parent59b3b3edd6d67ed7c4e22da045f43ca98c31b940commit | diff
jasper: add patches to fix CVE-2014-8137 and CVE-2014-8138

Fixes:
CVE-2014-8137 - double-free in jas_iccattrval_destroy()
CVE-2014-8138 - heap overflow in jp2_decode()

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/jasper/0002-fix-CVE-2014-8138.patch [new file with mode: 0644] blob
package/jasper/0003-fix-CVE-2014-8137-1.patch [new file with mode: 0644] blob
package/jasper/0004-fix-CVE-2014-8137-2.patch [new file with mode: 0644] blob