|
|
28361fd836
|
- bsc#1117507 CVE-2018-19541: Properly fix heap based overread
in jas_image_depalettize. Original fix caused segfaults.
Update jasper-CVE-2018-19541.patch
- bsc#1117508 CVE-2018-19540: Fix heap based overflow in jas_icctxtdesc_input
Add jasper-CVE-2018-19540.patch: Make sure asclen is at least 1
- bsc#1117507 CVE-2018-19541: Fix heap based overread in jas_image_depalettize
Add jasper-CVE-2018-19541.patch: Check number of lutents
- Update to 2.0.16:
* Fix assertion failure JPC_NOMINALGAIN (CVE-2016-9396) (#50)
* Fix build on Windows 10 (#162)
* Improve README
* Fix build with CMake 2.x
* Add missing dereference operators (#178, #157)
* Check data in jas_image (CVE-2018-19539) (#196)
- Remove because contained in new release:
* jasper-CVE-2018-19539.patch
* 0001-jpc_cs-reject-all-but-JPC_COX_INS-and-JPC_COX_RFT.patch
* Remove 0001-Added-a-fix-from-nrusch-to-allow-JasPer-to-be-build-.patch
- Run spec-cleaner
- bsc#1117505 CVE-2018-19542:
* Add jasper-CVE-2018-19542.patch
- bsc#1117511 CVE-2018-19539:
* Add jasper-CVE-2018-19539.patch
- Added patch:
* jasper-CVE-2018-9055.patch
OBS-URL: https://build.opensuse.org/package/show/graphics/jasper?expand=0&rev=85
|
2020-03-17 08:54:41 +00:00 |
|
