summary refs log tree commit diff
path: root/gnu/packages/patches/jasper-CVE-2016-1577.patch
diff options
context:
space:
mode:
authorEfraim Flashner <efraim@flashner.co.il>2016-03-08 11:49:04 +0200
committerEfraim Flashner <efraim@flashner.co.il>2016-03-08 11:54:58 +0200
commite224495ce1ce373cc43b49faa538116c9cac1466 (patch)
treed57a85ba15fb66dba9f2e56bf5f5032a9ab5d8d8 /gnu/packages/patches/jasper-CVE-2016-1577.patch
parent165e0382b3a3372ef0e7dc8d4cfbd42bc6e4deb0 (diff)
downloadguix-e224495ce1ce373cc43b49faa538116c9cac1466.tar.gz
gnu: jasper: Add fixes for CVE-2016-1577, CVE-2016-2089, CVE-2016-2116.
* gnu/packages/patches/jasper-CVE-2016-1557.patch,
gnu/packages/patches/jasper-CVE-2016-2089.patch,
gnu/packages/patches/jasper-CVE-2016-2116.patch: New files.
* gnu-system.am (dist_patch_DATA): Add them.
* gnu/packages/image.scm (jasper)[source]: Add patches.
Diffstat (limited to 'gnu/packages/patches/jasper-CVE-2016-1577.patch')
-rw-r--r--gnu/packages/patches/jasper-CVE-2016-1577.patch19
1 files changed, 19 insertions, 0 deletions
diff --git a/gnu/packages/patches/jasper-CVE-2016-1577.patch b/gnu/packages/patches/jasper-CVE-2016-1577.patch
new file mode 100644
index 0000000000..75bbd526af
--- /dev/null
+++ b/gnu/packages/patches/jasper-CVE-2016-1577.patch
@@ -0,0 +1,19 @@
+Description: CVE-2016-1577: Prevent double-free in jas_iccattrval_destroy()
+Origin: vendor, http://www.openwall.com/lists/oss-security/2016/03/03/12
+Bug-Ubuntu: https://launchpad.net/bugs/1547865
+Bug-Debian: https://bugs.debian.org/816625
+Forwarded: not-needed
+Author: Tyler Hicks <tyhicks@canonical.com>
+Reviewed-by: Salvatore Bonaccorso <carnil@debian.org>
+Last-Update: 2016-03-05
+
+--- a/src/libjasper/base/jas_icc.c
++++ b/src/libjasper/base/jas_icc.c
+@@ -300,6 +300,7 @@ jas_iccprof_t *jas_iccprof_load(jas_stre
+ 				if (jas_iccprof_setattr(prof, tagtabent->tag, attrval))
+ 					goto error;
+ 				jas_iccattrval_destroy(attrval);
++				attrval = 0;
+ 			} else {
+ #if 0
+ 				jas_eprintf("warning: skipping unknown tag type\n");