Commits

Olivier Schonken committed 4a944b6a2d3
openjpeg: security bump to version 2.2.0

Fixes the following security issues:

CVE-2016-10504: Heap-based buffer overflow vulnerability in the opj_mqc_byteout function in mqc.c in OpenJPEG before 2.2.0 allows remote attackers to cause a denial of service (application crash) via a crafted bmp file.

CVE-2016-10505: NULL pointer dereference vulnerabilities in the imagetopnm function in convert.c, sycc444_to_rgb function in color.c, color_esycc_to_rgb function in color.c, and sycc422_to_rgb function in color.c in OpenJPEG before 2.2.0 allow remote attackers to cause a denial of service (application crash) via crafted j2k files.

CVE-2016-10506: Division-by-zero vulnerabilities in the functions opj_pi_next_cprl, opj_pi_next_pcrl, and opj_pi_next_rpcl in pi.c in OpenJPEG before 2.2.0 allow remote attackers to cause a denial of service (application crash) via crafted j2k files.

CVE-2016-10507: Integer overflow vulnerability in the bmp24toimage function in convertbmp.c in OpenJPEG before 2.2.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted bmp file.

[Peter: extend commit message with security fixes info]
Signed-off-by: Olivier Schonken <olivier.schonken@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 37b2fe73cff726ac05cdb200e803f267a48721f9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>