buildroot

History

Michael Vetter 6958a76a81 package/jasper: Apply fix for CVE-2018-19540 Add 0003-test-asclen-CVE-2018-19540.patch: If txtdesc->asclen is < 1, the array index of txtdesc->ascdata will be negative which causes the heap based overflow. Patch was proposed upstream[1] but upstream is very inactive. Linux distributions use the same fix to patch their packages. 1: https://github.com/mdadams/jasper/pull/198 Signed-off-by: Michael Vetter <jubalh@iodoru.org> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> (cherry picked from commit `332a851a08`) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>		2019-12-06 09:57:46 +01:00
..
0001-verify-data-range-CVE-2018-19541.patch	package/jasper: Apply fix for CVE-2018-19541	2019-12-06 09:57:32 +01:00
0002-check-null-in-jp2_decode-CVE-2018-19542.patch	package/jasper: Apply fix for CVE-2018-19542	2019-12-06 09:57:41 +01:00
0003-test-asclen-CVE-2018-19540.patch	package/jasper: Apply fix for CVE-2018-19540	2019-12-06 09:57:46 +01:00
Config.in
jasper.hash	package/jasper: bump to 2.0.16	2019-12-01 19:11:45 +01:00
jasper.mk	package/jasper: bump to 2.0.16	2019-12-01 19:11:45 +01:00