[Buildroot] [PATCH] jasper: add security patches
Peter Korsgaard
peter at korsgaard.com
Wed Aug 17 06:43:18 UTC 2016
>>>>> "Gustavo" == Gustavo Zacarias <gustavo at zacarias.com.ar> writes:
> Fixes:
> CVE-2016-2116 - Memory leak in jas_iccprof_createfrombuf causing
> memory consumption.
> CVE-2016-1577 - Double free vulnerability in jas_iccattrval_destroy.
> CVE-2016-1867 - out-of-bounds read in the jpc_pi_nextcprl() function.
> CVE-2015-5221 - Use-after-free and double-free flaws in Jasper
> JPEG-2000 library.
> CVE-2015-5203 - double free in jasper_image_stop_load()
> Signed-off-by: Gustavo Zacarias <gustavo at zacarias.com.ar>
Committed, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list