Package: jasper / 1.900.1-13+deb7u4
Metadata
Package | Version | Patches format |
---|---|---|
jasper | 1.900.1-13+deb7u4 | 3.0 (quilt) |
Patch series
view the series filePatch | File delta | Description |
---|---|---|
01 misc fixes.patch | (download) |
acaux/config.guess |
667 378 + 289 - 0 ! |
miscellaneous fixes to upstream tarball This patch contains some currently not further categorized patches to the upstream tarball. |
02 fix filename buffer overflow.patch | (download) |
src/libjasper/include/jasper/jas_stream.h |
3 2 + 1 - 0 ! |
<short summary of the patch> TODO: Put a short summary on the line above and replace this paragraph with a longer explanation of this change. Complete the meta-information with other relevant fields (see below for details). To make it easier, the information below has been extracted from the changelog. Adjust it or drop it. . jasper (1.900.1-11) unstable; urgency=low . * Added Multiarch support, thanks to Colin Watson (Closes: #645118) |
03 CVE 2011 4516 and CVE 2011 4517.patch | (download) |
src/libjasper/jpc/jpc_cs.c |
6 5 + 1 - 0 ! |
fix for cve-2011-4516 and cve-2011-4517 This patch fixes a possible denial of service and code execution via heap-based buffer overflows. |
04 CVE 2014 9029.patch | (download) |
src/libjasper/jpc/jpc_dec.c |
6 3 + 3 - 0 ! |
cve-2014-9029: heap overflows in libjasper |
05 CVE 2014 8137.patch | (download) |
src/libjasper/base/jas_icc.c |
6 0 + 6 - 0 ! |
cve-2014-8137: double-free in in jas_iccattrval_destroy() |
06 CVE 2014 8138.patch | (download) |
src/libjasper/jp2/jp2_dec.c |
5 5 + 0 - 0 ! |
cve-2014-8138: heap overflow in jp2_decode() |
07 CVE 2014 8157.patch | (download) |
src/libjasper/jpc/jpc_dec.c |
2 1 + 1 - 0 ! |
cve-2014-8157: dec->numtiles off-by-one check in jpc_dec_process_sot() |
08 CVE 2014 8158.patch | (download) |
src/libjasper/jpc/jpc_qmfb.c |
64 0 + 64 - 0 ! |
cve-2014-8158: unrestricted stack memory use in jpc_qmfb.c |
09 CVE 2016 1577.patch | (download) |
src/libjasper/base/jas_icc.c |
1 1 + 0 - 0 ! |
cve-2016-1577: prevent double-free in jas_iccattrval_destroy() |
10 CVE 2016 2089.patch | (download) |
src/libjasper/base/jas_image.c |
8 8 + 0 - 0 ! |
cve-2016-2089: matrix rows_ null pointer dereference in jas_matrix_clip() |
11 CVE 2016 2116.patch | (download) |
src/libjasper/base/jas_icc.c |
2 2 + 0 - 0 ! |
cve-2016-2116: prevent jas_stream_t memory leak in jas_iccprof_createfrombuf() |