Skip to content
Unverified Commit 428927ff authored by Graham Christensen's avatar Graham Christensen
Browse files

openjpeg2: patch for multiple CVEs 

 -  Floating Point Exception (aka FPE or divide by zero) in
    opj_pi_next_cprl function in openjp2/pi.c:523 in OpenJPEG
    2.1.2. (CVE-2016-9112)

 -  There is a NULL Pointer Access in function imagetopnm of
    convert.c:1943(jp2) of OpenJPEG 2.1.2. image->comps[compno].data is
    not assigned a value after initialization(NULL). Impact is Denial of
    Service. (CVE-2016-9114)

 -  NULL Pointer Access in function imagetopnm of convert.c:2226(jp2) in
    OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a
    crafted j2k file. (CVE-2016-9116)

 -  Heap Buffer Overflow (WRITE of size 4) in function pnmtoimage of
    convert.c:1719 in OpenJPEG 2.1.2. (CVE-2016-9118)
parent c5f8c7fe
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment