[Buildroot] [PATCH 2/3] package/openjpeg: fix CVE-2020-6851
Peter Korsgaard
peter at korsgaard.com
Sat Mar 14 18:28:51 UTC 2020
>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice at gmail.com> writes:
> OpenJPEG through 2.3.1 has a heap-based buffer overflow in
> opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of
> opj_j2k_update_image_dimensions validation.
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
Committed to 2019.02.x and 2019.11.x, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list