-
Committer:
Package Import Robot
-
Author(s):
Marc Deslauriers
-
Date:
2011-12-20 15:44:19 UTC
-
mfrom:
(68.1.2 lucid-proposed)
-
Revision ID:
package-import@ubuntu.com-20111220154419-1dwajjyf5v2g4jb8
Tags: 8.71.dfsg.1-0ubuntu5.4
* SECURITY UPDATE: integer overflows via integer multiplication for
memory allocation
- debian/patches/CVE-2008-352x.dpatch: introduce new size-checked
allocation functions and use them in:
* jasper/src/libjasper/base/{jas_cm.c,jas_icc.c,jas_image.c,
jas_malloc.c,jas_seq.c}
* jasper/src/libjasper/bmp/bmp_dec.c
* jasper/src/libjasper/include/jasper/jas_malloc.h
* jasper/src/libjasper/jp2/{jp2_cod.c,jp2_dec.c,jp2_enc.c}
* jasper/src/libjasper/jpc/{jpc_cs.c,jpc_dec.c,jpc_enc.c,jpc_mqdec.c,
jpc_mqenc.c,jpc_qmfb.c,jpc_t1enc.c,jpc_t2cod.c,jpc_t2dec.c,
jpc_t2enc.c,jpc_tagtree.c,jpc_util.c}
* jasper/src/libjasper/mif/mif_cod.c
- CVE-2008-3520
* SECURITY UPDATE: buffer overflow via vsprintf in jas_stream_printf()
- debian/patches/CVE-2008-352x.dpatch: use vsnprintf() in
jasper/src/libjasper/base/jas_stream.c
- CVE-2008-3522
* SECURITY UPDATE: denial of service and possible code execution via
heap-based buffer overflows.
- debian/patches/CVE-2011-451x.dpatch: validate compparms->numrlvls
and allocate proper size in jasper/src/libjasper/jpc/jpc_cs.c.
- CVE-2011-4516
- CVE-2011-4517