Resolves: #1255714 - CVE-2015-5221 - Use-after-free and double-free in Jasper JPEG-2000 library

This commit is contained in:
Josef Ridky 2016-08-11 14:24:38 +02:00
parent 3620992738
commit b9057f435a
2 changed files with 23 additions and 0 deletions

View File

@ -0,0 +1,20 @@
diff -urNp jasper-1.900.1.orig/src/libjasper/mif/mif_cod.c jasper-1.900.1.new/src/libjasper/mif/mif_cod.c
--- jasper-1.900.1.orig/src/libjasper/mif/mif_cod.c 2016-08-11 13:46:26.166415464 +0200
+++ jasper-1.900.1.new/src/libjasper/mif/mif_cod.c 2016-08-11 14:17:20.507144931 +0200
@@ -569,13 +569,13 @@ static int mif_process_cmpt(mif_hdr_t *h
break;
}
}
- jas_tvparser_destroy(tvp);
if (!cmpt->sampperx || !cmpt->samppery) {
goto error;
}
if (mif_hdr_addcmpt(hdr, hdr->numcmpts, cmpt)) {
goto error;
}
+ jas_tvparser_destroy(tvp);
return 0;
error:

View File

@ -38,6 +38,7 @@ Patch11: jasper-CVE-2014-8138.patch
Patch12: jasper-CVE-2014-8157.patch
Patch13: jasper-CVE-2014-8158.patch
Patch14: jasper-CVE-2015-5203.patch
Patch15: jasper-CVE-2015-5221.patch
# Issues found by static analysis of code
Patch110: jasper-1.900.1-Coverity-BAD_SIZEOF.patch
@ -106,6 +107,7 @@ Requires: %{name}-libs%{?_isa} = %{version}-%{release}
%patch12 -p1 -b .CVE-2014-8157
%patch13 -p1 -b .CVE-2014-8158
%patch14 -p1 -b .CVE-2015-5203
%patch15 -p1 -b .CVE-2015-5221
%patch110 -p1 -b .BAD_SIZEOF
%patch111 -p1 -b .CHECKED_RETURN
@ -185,6 +187,7 @@ make check
%changelog
* Thu Aug 11 2016 Josef Ridky <jridky@redhat.com> - 1.900.1-33
- CVE-2015-5203 - double free in jasper_image_stop_load() (#1254244)
- CVE-2015-5221 - Use-after-free and double-free flaws (#1255714)
* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 1.900.1-32
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild