projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d663af5) | patch
jasper: add security fixes for CVE-2014-8157/8158
authorGustavo Zacarias <gustavo@zacarias.com.ar>
Mon, 26 Jan 2015 20:45:49 +0000 (17:45 -0300)
committerPeter Korsgaard <peter@korsgaard.com>
Mon, 26 Jan 2015 22:13:44 +0000 (23:13 +0100)
commitddfce0448d7e1bbce70d8b5b5924a0ac39df1e9e
tree1e6659b0d23fdfbebab7b2e218c5bd1306e9722ftree
parentd663af559e3c66603fb8cb3a0b029c40d29bc57acommit | diff
jasper: add security fixes for CVE-2014-8157/8158

Fixes:
CVE-2014-8157 - dec->numtiles off-by-one check in jpc_dec_process_sot()
CVE-2014-8158 - unrestricted stack memory use in jpc_qmfb.c

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/jasper/0005-fix-CVE-2014-8157.patch [new file with mode: 0644] blob
package/jasper/0006-fix-CVE-2014-8158.patch [new file with mode: 0644] blob