Resolves: #1314468 - CVE-2016-1577 - double free vulnerability in jas_iccattrval_destroy
This commit is contained in:
parent
623721e1a1
commit
08fef99cd7
11
jasper-CVE-2016-1577.patch
Normal file
11
jasper-CVE-2016-1577.patch
Normal file
@ -0,0 +1,11 @@
|
||||
diff -urNp jasper-1.900.1.orig/src/libjasper/base/jas_icc.c jasper-1.900.1.new/src/libjasper/base/jas_icc.c
|
||||
--- jasper-1.900.1.orig/src/libjasper/base/jas_icc.c 2016-08-12 07:12:58.629391831 +0200
|
||||
+++ jasper-1.900.1.new/src/libjasper/base/jas_icc.c 2016-08-12 07:16:59.822443416 +0200
|
||||
@@ -299,6 +299,7 @@ jas_iccprof_t *jas_iccprof_load(jas_stre
|
||||
if (jas_iccprof_setattr(prof, tagtabent->tag, attrval))
|
||||
goto error;
|
||||
jas_iccattrval_destroy(attrval);
|
||||
+ attrval = 0;
|
||||
} else {
|
||||
#if 0
|
||||
jas_eprintf("warning: skipping unknown tag type\n");
|
@ -40,6 +40,7 @@ Patch13: jasper-CVE-2014-8158.patch
|
||||
Patch14: jasper-CVE-2015-5203.patch
|
||||
Patch15: jasper-CVE-2015-5221.patch
|
||||
Patch16: jasper-CVE-2016-1867.patch
|
||||
Patch17: jasper-CVE-2016-1577.patch
|
||||
|
||||
# Issues found by static analysis of code
|
||||
Patch110: jasper-1.900.1-Coverity-BAD_SIZEOF.patch
|
||||
@ -110,6 +111,7 @@ Requires: %{name}-libs%{?_isa} = %{version}-%{release}
|
||||
%patch14 -p1 -b .CVE-2015-5203
|
||||
%patch15 -p1 -b .CVE-2015-5221
|
||||
%patch16 -p1 -b .CVE-2016-1867
|
||||
%patch17 -p1 -b .CVE-2016-1577
|
||||
|
||||
%patch110 -p1 -b .BAD_SIZEOF
|
||||
%patch111 -p1 -b .CHECKED_RETURN
|
||||
@ -191,6 +193,7 @@ make check
|
||||
- CVE-2015-5203 - double free in jasper_image_stop_load() (#1254244)
|
||||
- CVE-2015-5221 - Use-after-free and double-free flaws (#1255714)
|
||||
- CVE-2016-1867 - out-of-bounds read in the jpc_pi_nextcprl() function (#1298138)
|
||||
- CVE-2016-1577 - double free vulnerability in jas_iccattrval_destroy (#1314468)
|
||||
|
||||
* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 1.900.1-32
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
|
||||
|
Loading…
Reference in New Issue
Block a user