diff options
author | jgc | 2016-05-04 10:10:43 +0000 |
---|---|---|
committer | Jakob Gahde | 2016-09-26 11:27:20 +0200 |
commit | 198b0603b6791c74ee89b17204a3d8bc6e2122d4 (patch) | |
tree | a7ac21127ca2e3d0e29634d0f44893618cd532c9 /jasper-1.900.1-CVE-2016-1577.patch | |
parent | 3a799ecbaafcc24000b1770cc9078c829a850b43 (diff) | |
download | aur-198b0603b6791c74ee89b17204a3d8bc6e2122d4.tar.gz |
upgpkg: jasper 1.900.1-15
Revert FS#46056, fixes FS#46161.
Apply security fixes from FS48511
git-svn-id: file:///srv/repos/svn-packages/svn@266864 eb2447ed-0c53-47e4-bac8-5bc4a241df78
Diffstat (limited to 'jasper-1.900.1-CVE-2016-1577.patch')
-rw-r--r-- | jasper-1.900.1-CVE-2016-1577.patch | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/jasper-1.900.1-CVE-2016-1577.patch b/jasper-1.900.1-CVE-2016-1577.patch new file mode 100644 index 000000000000..ff2f1d61a1b5 --- /dev/null +++ b/jasper-1.900.1-CVE-2016-1577.patch @@ -0,0 +1,14 @@ +Description: CVE-2016-1577: Prevent double-free in jas_iccattrval_destroy() +Author: Tyler Hicks <tyhicks@canonical.com> +Bug-Ubuntu: https://launchpad.net/bugs/1547865 + +--- jasper-1.900.1-debian1.orig/src/libjasper/base/jas_icc.c ++++ jasper-1.900.1-debian1/src/libjasper/base/jas_icc.c +@@ -300,6 +300,7 @@ jas_iccprof_t *jas_iccprof_load(jas_stre + if (jas_iccprof_setattr(prof, tagtabent->tag, attrval)) + goto error; + jas_iccattrval_destroy(attrval); ++ attrval = 0; + } else { + #if 0 + jas_eprintf("warning: skipping unknown tag type\n"); |