Commit graph

7 commits

Author SHA1 Message Date
Franz Pletz
4e5725605b
openjpeg: 2.1.2 -> 2.3.0 for multiple CVEs
Fixes:

 * CVE-2016-10504
 * CVE-2016-10505
 * CVE-2016-10506
 * CVE-2016-10507
 * CVE-2016-9112
 * CVE-2016-9113
 * CVE-2016-9114
 * CVE-2016-9115
 * CVE-2016-9116
 * CVE-2016-9117
 * CVE-2016-9118

cc #30959
2017-11-19 19:33:42 +01:00
Graham Christensen
428927ffa6
openjpeg2: patch for multiple CVEs
-  Floating Point Exception (aka FPE or divide by zero) in
    opj_pi_next_cprl function in openjp2/pi.c:523 in OpenJPEG
    2.1.2. (CVE-2016-9112)

 -  There is a NULL Pointer Access in function imagetopnm of
    convert.c:1943(jp2) of OpenJPEG 2.1.2. image->comps[compno].data is
    not assigned a value after initialization(NULL). Impact is Denial of
    Service. (CVE-2016-9114)

 -  NULL Pointer Access in function imagetopnm of convert.c:2226(jp2) in
    OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a
    crafted j2k file. (CVE-2016-9116)

 -  Heap Buffer Overflow (WRITE of size 4) in function pnmtoimage of
    convert.c:1719 in OpenJPEG 2.1.2. (CVE-2016-9118)
2017-01-07 06:51:31 -05:00
Graham Christensen
c7a2073323
openjpeg2: patch for CVE-2016-9580, and CVE-2016-9581 2016-12-21 14:37:47 -05:00
Graham Christensen
db2e9b274c
openjpeg: 2.1.1 -> 2.1.2 for CVE-2016-7163 2016-10-05 18:34:14 -04:00
Graham Christensen
42b08b743c
openjpeg: 2.1.0 -> 2.1.1 for critical bugfixes and no ABI break 2016-09-25 08:48:49 -04:00
codyopel
4587819638 openjpeg: refactor, fixes #8017
+ Disable JPIP which requires Java
+ fix typo in nativeBuildInputs, which fixes pkgconfig
2015-05-27 11:48:03 -04:00
Mateusz Kowalczyk
cc4a5073e2 Resurrect openjpeg 2.0.x and use it for mupdf
mupdf doesn't compile with 2.1 due to API changes

cc @codyopel who made the openjpeg update
2015-02-25 01:50:06 +00:00