[arch-commits] Commit in jasper/trunk (9 files)
Antonio Rojas
arojas at archlinux.org
Thu Oct 6 20:50:04 UTC 2016
Date: Thursday, October 6, 2016 @ 20:50:04
Author: arojas
Revision: 277856
Update to 1.900.2
Modified:
jasper/trunk/PKGBUILD
Deleted:
jasper/trunk/jasper-1.900.1-CVE-2008-3522.patch
jasper/trunk/jasper-1.900.1-CVE-2014-8138.patch
jasper/trunk/jasper-1.900.1-CVE-2014-8157.patch
jasper/trunk/jasper-1.900.1-CVE-2014-8158.patch
jasper/trunk/jasper-1.900.1-CVE-2014-9029.patch
jasper/trunk/jasper-1.900.1-CVE-2016-1577.patch
jasper/trunk/jasper-1.900.1-CVE-2016-2116.patch
jasper/trunk/jpc_dec.c.patch
------------------------------------+
PKGBUILD | 34 ---
jasper-1.900.1-CVE-2008-3522.patch | 14 -
jasper-1.900.1-CVE-2014-8138.patch | 14 -
jasper-1.900.1-CVE-2014-8157.patch | 12 -
jasper-1.900.1-CVE-2014-8158.patch | 329 -----------------------------------
jasper-1.900.1-CVE-2014-9029.patch | 29 ---
jasper-1.900.1-CVE-2016-1577.patch | 14 -
jasper-1.900.1-CVE-2016-2116.patch | 14 -
jpc_dec.c.patch | 18 -
9 files changed, 6 insertions(+), 472 deletions(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2016-10-06 20:37:36 UTC (rev 277855)
+++ PKGBUILD 2016-10-06 20:50:04 UTC (rev 277856)
@@ -2,8 +2,8 @@
# Maintainer: Eric Bélanger <eric at archlinux.org>
pkgname=jasper
-pkgver=1.900.1
-pkgrel=15
+pkgver=1.900.2
+pkgrel=1
pkgdesc="A software-based implementation of the codec specified in the emerging JPEG-2000 Part-1 standard"
arch=('i686' 'x86_64')
url="http://www.ece.uvic.ca/~mdadams/jasper/"
@@ -11,52 +11,30 @@
depends=('libjpeg')
makedepends=('freeglut' 'libxmu' 'glu')
optdepends=('freeglut: for jiv support' 'glu: for jiv support')
-source=(http://www.ece.uvic.ca/~mdadams/${pkgname}/software/${pkgname}-${pkgver}.zip
+source=(http://www.ece.uvic.ca/~mdadams/${pkgname}/software/${pkgname}-${pkgver}.tar.gz
patch-libjasper-stepsizes-overflow.diff jasper-1.900.1-CVE-2008-3520.patch
- jpc_dec.c.patch jasper-1.900.1-CVE-2008-3522.patch
jasper-1.900.1-CVE-2014-8137.patch jasper-avoid-assert-abort.diff
- jasper-1.900.1-CVE-2014-8138.patch jasper-1.900.1-CVE-2014-9029.patch
jasper-1.900.1-CVE-2011-4516-and-CVE-2011-4517.patch
jasper-1.900.1-fix-filename-buffer-overflow.patch
- jasper-1.900.1-CVE-2014-8157.patch
- jasper-1.900.1-CVE-2014-8158.patch
- jasper-1.900.1-CVE-2016-1577.patch
- jasper-1.900.1-CVE-2016-2089.patch
- jasper-1.900.1-CVE-2016-2116.patch)
-sha1sums=('9c5735f773922e580bf98c7c7dfda9bbed4c5191'
+ jasper-1.900.1-CVE-2016-2089.patch)
+sha1sums=('3b6bfa9876a88fbeb6fe5ad29437643c28fa4475'
'f298566fef08c8a589d072582112cd51c72c3983'
'2483dba925670bf29f531d85d73c4e5ada513b01'
- 'c1a0176a15210c0af14d85e55ce566921957d780'
- '0e7b6142cd9240ffb15a1ed7297c43c76fa09ee4'
'437519aaaeff6076d11cdbea82125dbcac6f729b'
'98548b610a7319e569ee0425a32dc1d31a8771d2'
- '6086e717af2f0a026f70e399e28fe115f08a8cc1'
- 'f5fe80c8576379d34f372f6a7c6a76630ab9fdcd'
'3bfb37a4c732caa824563bad2603fcf5f2acf7f7'
'577dfce40da75818c4d32eb1c4532b1370950bee'
- 'aaf96946073d2ece35f3695e8cc7956b5cad9a1d'
- 'e69b339de43d1dc2fbb98368cee3d20f76d35941'
- '70dafcbcf76e32d8601e2ed11712d018d38d7f56'
- '06f89116508b1498e97a41ae07e15a4f049e671d'
- '101de5e73ebd690c08a7c1d7639fb35ede41faa3')
+ '06f89116508b1498e97a41ae07e15a4f049e671d')
prepare() {
cd ${pkgname}-${pkgver}
- patch -p1 -i "${srcdir}/jpc_dec.c.patch"
patch -p1 -i "${srcdir}/patch-libjasper-stepsizes-overflow.diff"
patch -p1 -i "${srcdir}/jasper-1.900.1-CVE-2008-3520.patch"
- patch -p1 -i "${srcdir}/jasper-1.900.1-CVE-2008-3522.patch"
- patch -p1 -i "${srcdir}/jasper-1.900.1-CVE-2014-9029.patch"
patch -p1 -i "${srcdir}/jasper-1.900.1-CVE-2014-8137.patch"
patch -p1 -i "${srcdir}/jasper-avoid-assert-abort.diff"
- patch -p1 -i "${srcdir}/jasper-1.900.1-CVE-2014-8138.patch"
patch -p1 -i "${srcdir}/jasper-1.900.1-CVE-2011-4516-and-CVE-2011-4517.patch"
patch -p1 -i "${srcdir}/jasper-1.900.1-fix-filename-buffer-overflow.patch"
- patch -p1 -i "${srcdir}/jasper-1.900.1-CVE-2014-8157.patch"
- patch -p1 -i "${srcdir}/jasper-1.900.1-CVE-2014-8158.patch"
- patch -p1 -i "${srcdir}/jasper-1.900.1-CVE-2016-1577.patch"
patch -p1 -i "${srcdir}/jasper-1.900.1-CVE-2016-2089.patch"
- patch -p1 -i "${srcdir}/jasper-1.900.1-CVE-2016-2116.patch"
}
build() {
Deleted: jasper-1.900.1-CVE-2008-3522.patch
===================================================================
--- jasper-1.900.1-CVE-2008-3522.patch 2016-10-06 20:37:36 UTC (rev 277855)
+++ jasper-1.900.1-CVE-2008-3522.patch 2016-10-06 20:50:04 UTC (rev 277856)
@@ -1,14 +0,0 @@
-https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-3522
-
-diff -pruN jasper-1.900.1.orig/src/libjasper/base/jas_stream.c jasper-1.900.1/src/libjasper/base/jas_stream.c
---- jasper-1.900.1.orig/src/libjasper/base/jas_stream.c 2009-10-22 10:27:45.000000000 +0200
-+++ jasper-1.900.1/src/libjasper/base/jas_stream.c 2009-10-22 10:35:53.000000000 +0200
-@@ -553,7 +553,7 @@ int jas_stream_printf(jas_stream_t *stre
- int ret;
-
- va_start(ap, fmt);
-- ret = vsprintf(buf, fmt, ap);
-+ ret = vsnprintf(buf, sizeof buf, fmt, ap);
- jas_stream_puts(stream, buf);
- va_end(ap);
- return ret;
Deleted: jasper-1.900.1-CVE-2014-8138.patch
===================================================================
--- jasper-1.900.1-CVE-2014-8138.patch 2016-10-06 20:37:36 UTC (rev 277855)
+++ jasper-1.900.1-CVE-2014-8138.patch 2016-10-06 20:50:04 UTC (rev 277856)
@@ -1,14 +0,0 @@
---- jasper-1.900.1.orig/src/libjasper/jp2/jp2_dec.c 2014-12-11 14:06:44.000000000 +0100
-+++ jasper-1.900.1/src/libjasper/jp2/jp2_dec.c 2014-12-11 14:06:26.000000000 +0100
-@@ -386,6 +386,11 @@ jas_image_t *jp2_decode(jas_stream_t *in
- /* Determine the type of each component. */
- if (dec->cdef) {
- for (i = 0; i < dec->numchans; ++i) {
-+ /* Is the channel number reasonable? */
-+ if (dec->cdef->data.cdef.ents[i].channo >= dec->numchans) {
-+ jas_eprintf("error: invalid channel number in CDEF box\n");
-+ goto error;
-+ }
- jas_image_setcmpttype(dec->image,
- dec->chantocmptlut[dec->cdef->data.cdef.ents[i].channo],
- jp2_getct(jas_image_clrspc(dec->image),
Deleted: jasper-1.900.1-CVE-2014-8157.patch
===================================================================
--- jasper-1.900.1-CVE-2014-8157.patch 2016-10-06 20:37:36 UTC (rev 277855)
+++ jasper-1.900.1-CVE-2014-8157.patch 2016-10-06 20:50:04 UTC (rev 277856)
@@ -1,12 +0,0 @@
-diff -up jasper-1.900.1/src/libjasper/jpc/jpc_dec.c.CVE-2014-8157 jasper-1.900.1/src/libjasper/jpc/jpc_dec.c
---- jasper-1.900.1/src/libjasper/jpc/jpc_dec.c.CVE-2014-8157 2015-01-19 16:59:36.000000000 +0100
-+++ jasper-1.900.1/src/libjasper/jpc/jpc_dec.c 2015-01-19 17:07:41.609863268 +0100
-@@ -489,7 +489,7 @@ static int jpc_dec_process_sot(jpc_dec_t
- dec->curtileendoff = 0;
- }
-
-- if (JAS_CAST(int, sot->tileno) > dec->numtiles) {
-+ if (JAS_CAST(int, sot->tileno) >= dec->numtiles) {
- jas_eprintf("invalid tile number in SOT marker segment\n");
- return -1;
- }
Deleted: jasper-1.900.1-CVE-2014-8158.patch
===================================================================
--- jasper-1.900.1-CVE-2014-8158.patch 2016-10-06 20:37:36 UTC (rev 277855)
+++ jasper-1.900.1-CVE-2014-8158.patch 2016-10-06 20:50:04 UTC (rev 277856)
@@ -1,329 +0,0 @@
-diff -up jasper-1.900.1/src/libjasper/jpc/jpc_qmfb.c.CVE-2014-8158 jasper-1.900.1/src/libjasper/jpc/jpc_qmfb.c
---- jasper-1.900.1/src/libjasper/jpc/jpc_qmfb.c.CVE-2014-8158 2015-01-19 17:25:28.730195502 +0100
-+++ jasper-1.900.1/src/libjasper/jpc/jpc_qmfb.c 2015-01-19 17:27:20.214663127 +0100
-@@ -306,11 +306,7 @@ void jpc_qmfb_split_row(jpc_fix_t *a, in
- {
-
- int bufsize = JPC_CEILDIVPOW2(numcols, 1);
--#if !defined(HAVE_VLA)
- jpc_fix_t splitbuf[QMFB_SPLITBUFSIZE];
--#else
-- jpc_fix_t splitbuf[bufsize];
--#endif
- jpc_fix_t *buf = splitbuf;
- register jpc_fix_t *srcptr;
- register jpc_fix_t *dstptr;
-@@ -318,7 +314,6 @@ void jpc_qmfb_split_row(jpc_fix_t *a, in
- register int m;
- int hstartcol;
-
--#if !defined(HAVE_VLA)
- /* Get a buffer. */
- if (bufsize > QMFB_SPLITBUFSIZE) {
- if (!(buf = jas_alloc2(bufsize, sizeof(jpc_fix_t)))) {
-@@ -326,7 +321,6 @@ void jpc_qmfb_split_row(jpc_fix_t *a, in
- abort();
- }
- }
--#endif
-
- if (numcols >= 2) {
- hstartcol = (numcols + 1 - parity) >> 1;
-@@ -360,12 +354,10 @@ void jpc_qmfb_split_row(jpc_fix_t *a, in
- }
- }
-
--#if !defined(HAVE_VLA)
- /* If the split buffer was allocated on the heap, free this memory. */
- if (buf != splitbuf) {
- jas_free(buf);
- }
--#endif
-
- }
-
-@@ -374,11 +366,7 @@ void jpc_qmfb_split_col(jpc_fix_t *a, in
- {
-
- int bufsize = JPC_CEILDIVPOW2(numrows, 1);
--#if !defined(HAVE_VLA)
- jpc_fix_t splitbuf[QMFB_SPLITBUFSIZE];
--#else
-- jpc_fix_t splitbuf[bufsize];
--#endif
- jpc_fix_t *buf = splitbuf;
- register jpc_fix_t *srcptr;
- register jpc_fix_t *dstptr;
-@@ -386,7 +374,6 @@ void jpc_qmfb_split_col(jpc_fix_t *a, in
- register int m;
- int hstartcol;
-
--#if !defined(HAVE_VLA)
- /* Get a buffer. */
- if (bufsize > QMFB_SPLITBUFSIZE) {
- if (!(buf = jas_alloc2(bufsize, sizeof(jpc_fix_t)))) {
-@@ -394,7 +381,6 @@ void jpc_qmfb_split_col(jpc_fix_t *a, in
- abort();
- }
- }
--#endif
-
- if (numrows >= 2) {
- hstartcol = (numrows + 1 - parity) >> 1;
-@@ -428,12 +414,10 @@ void jpc_qmfb_split_col(jpc_fix_t *a, in
- }
- }
-
--#if !defined(HAVE_VLA)
- /* If the split buffer was allocated on the heap, free this memory. */
- if (buf != splitbuf) {
- jas_free(buf);
- }
--#endif
-
- }
-
-@@ -442,11 +426,7 @@ void jpc_qmfb_split_colgrp(jpc_fix_t *a,
- {
-
- int bufsize = JPC_CEILDIVPOW2(numrows, 1);
--#if !defined(HAVE_VLA)
- jpc_fix_t splitbuf[QMFB_SPLITBUFSIZE * JPC_QMFB_COLGRPSIZE];
--#else
-- jpc_fix_t splitbuf[bufsize * JPC_QMFB_COLGRPSIZE];
--#endif
- jpc_fix_t *buf = splitbuf;
- jpc_fix_t *srcptr;
- jpc_fix_t *dstptr;
-@@ -457,7 +437,6 @@ void jpc_qmfb_split_colgrp(jpc_fix_t *a,
- int m;
- int hstartcol;
-
--#if !defined(HAVE_VLA)
- /* Get a buffer. */
- if (bufsize > QMFB_SPLITBUFSIZE) {
- if (!(buf = jas_alloc2(bufsize, sizeof(jpc_fix_t)))) {
-@@ -465,7 +444,6 @@ void jpc_qmfb_split_colgrp(jpc_fix_t *a,
- abort();
- }
- }
--#endif
-
- if (numrows >= 2) {
- hstartcol = (numrows + 1 - parity) >> 1;
-@@ -517,12 +495,10 @@ void jpc_qmfb_split_colgrp(jpc_fix_t *a,
- }
- }
-
--#if !defined(HAVE_VLA)
- /* If the split buffer was allocated on the heap, free this memory. */
- if (buf != splitbuf) {
- jas_free(buf);
- }
--#endif
-
- }
-
-@@ -531,11 +507,7 @@ void jpc_qmfb_split_colres(jpc_fix_t *a,
- {
-
- int bufsize = JPC_CEILDIVPOW2(numrows, 1);
--#if !defined(HAVE_VLA)
- jpc_fix_t splitbuf[QMFB_SPLITBUFSIZE * JPC_QMFB_COLGRPSIZE];
--#else
-- jpc_fix_t splitbuf[bufsize * numcols];
--#endif
- jpc_fix_t *buf = splitbuf;
- jpc_fix_t *srcptr;
- jpc_fix_t *dstptr;
-@@ -546,7 +518,6 @@ void jpc_qmfb_split_colres(jpc_fix_t *a,
- int m;
- int hstartcol;
-
--#if !defined(HAVE_VLA)
- /* Get a buffer. */
- if (bufsize > QMFB_SPLITBUFSIZE) {
- if (!(buf = jas_alloc2(bufsize, sizeof(jpc_fix_t)))) {
-@@ -554,7 +525,6 @@ void jpc_qmfb_split_colres(jpc_fix_t *a,
- abort();
- }
- }
--#endif
-
- if (numrows >= 2) {
- hstartcol = (numrows + 1 - parity) >> 1;
-@@ -606,12 +576,10 @@ void jpc_qmfb_split_colres(jpc_fix_t *a,
- }
- }
-
--#if !defined(HAVE_VLA)
- /* If the split buffer was allocated on the heap, free this memory. */
- if (buf != splitbuf) {
- jas_free(buf);
- }
--#endif
-
- }
-
-@@ -619,18 +587,13 @@ void jpc_qmfb_join_row(jpc_fix_t *a, int
- {
-
- int bufsize = JPC_CEILDIVPOW2(numcols, 1);
--#if !defined(HAVE_VLA)
- jpc_fix_t joinbuf[QMFB_JOINBUFSIZE];
--#else
-- jpc_fix_t joinbuf[bufsize];
--#endif
- jpc_fix_t *buf = joinbuf;
- register jpc_fix_t *srcptr;
- register jpc_fix_t *dstptr;
- register int n;
- int hstartcol;
-
--#if !defined(HAVE_VLA)
- /* Allocate memory for the join buffer from the heap. */
- if (bufsize > QMFB_JOINBUFSIZE) {
- if (!(buf = jas_alloc2(bufsize, sizeof(jpc_fix_t)))) {
-@@ -638,7 +601,6 @@ void jpc_qmfb_join_row(jpc_fix_t *a, int
- abort();
- }
- }
--#endif
-
- hstartcol = (numcols + 1 - parity) >> 1;
-
-@@ -670,12 +632,10 @@ void jpc_qmfb_join_row(jpc_fix_t *a, int
- ++srcptr;
- }
-
--#if !defined(HAVE_VLA)
- /* If the join buffer was allocated on the heap, free this memory. */
- if (buf != joinbuf) {
- jas_free(buf);
- }
--#endif
-
- }
-
-@@ -684,18 +644,13 @@ void jpc_qmfb_join_col(jpc_fix_t *a, int
- {
-
- int bufsize = JPC_CEILDIVPOW2(numrows, 1);
--#if !defined(HAVE_VLA)
- jpc_fix_t joinbuf[QMFB_JOINBUFSIZE];
--#else
-- jpc_fix_t joinbuf[bufsize];
--#endif
- jpc_fix_t *buf = joinbuf;
- register jpc_fix_t *srcptr;
- register jpc_fix_t *dstptr;
- register int n;
- int hstartcol;
-
--#if !defined(HAVE_VLA)
- /* Allocate memory for the join buffer from the heap. */
- if (bufsize > QMFB_JOINBUFSIZE) {
- if (!(buf = jas_alloc2(bufsize, sizeof(jpc_fix_t)))) {
-@@ -703,7 +658,6 @@ void jpc_qmfb_join_col(jpc_fix_t *a, int
- abort();
- }
- }
--#endif
-
- hstartcol = (numrows + 1 - parity) >> 1;
-
-@@ -735,12 +689,10 @@ void jpc_qmfb_join_col(jpc_fix_t *a, int
- ++srcptr;
- }
-
--#if !defined(HAVE_VLA)
- /* If the join buffer was allocated on the heap, free this memory. */
- if (buf != joinbuf) {
- jas_free(buf);
- }
--#endif
-
- }
-
-@@ -749,11 +701,7 @@ void jpc_qmfb_join_colgrp(jpc_fix_t *a,
- {
-
- int bufsize = JPC_CEILDIVPOW2(numrows, 1);
--#if !defined(HAVE_VLA)
- jpc_fix_t joinbuf[QMFB_JOINBUFSIZE * JPC_QMFB_COLGRPSIZE];
--#else
-- jpc_fix_t joinbuf[bufsize * JPC_QMFB_COLGRPSIZE];
--#endif
- jpc_fix_t *buf = joinbuf;
- jpc_fix_t *srcptr;
- jpc_fix_t *dstptr;
-@@ -763,7 +711,6 @@ void jpc_qmfb_join_colgrp(jpc_fix_t *a,
- register int i;
- int hstartcol;
-
--#if !defined(HAVE_VLA)
- /* Allocate memory for the join buffer from the heap. */
- if (bufsize > QMFB_JOINBUFSIZE) {
- if (!(buf = jas_alloc2(bufsize, JPC_QMFB_COLGRPSIZE * sizeof(jpc_fix_t)))) {
-@@ -771,7 +718,6 @@ void jpc_qmfb_join_colgrp(jpc_fix_t *a,
- abort();
- }
- }
--#endif
-
- hstartcol = (numrows + 1 - parity) >> 1;
-
-@@ -821,12 +767,10 @@ void jpc_qmfb_join_colgrp(jpc_fix_t *a,
- srcptr += JPC_QMFB_COLGRPSIZE;
- }
-
--#if !defined(HAVE_VLA)
- /* If the join buffer was allocated on the heap, free this memory. */
- if (buf != joinbuf) {
- jas_free(buf);
- }
--#endif
-
- }
-
-@@ -835,11 +779,7 @@ void jpc_qmfb_join_colres(jpc_fix_t *a,
- {
-
- int bufsize = JPC_CEILDIVPOW2(numrows, 1);
--#if !defined(HAVE_VLA)
- jpc_fix_t joinbuf[QMFB_JOINBUFSIZE * JPC_QMFB_COLGRPSIZE];
--#else
-- jpc_fix_t joinbuf[bufsize * numcols];
--#endif
- jpc_fix_t *buf = joinbuf;
- jpc_fix_t *srcptr;
- jpc_fix_t *dstptr;
-@@ -849,7 +789,6 @@ void jpc_qmfb_join_colres(jpc_fix_t *a,
- register int i;
- int hstartcol;
-
--#if !defined(HAVE_VLA)
- /* Allocate memory for the join buffer from the heap. */
- if (bufsize > QMFB_JOINBUFSIZE) {
- if (!(buf = jas_alloc3(bufsize, numcols, sizeof(jpc_fix_t)))) {
-@@ -857,7 +796,6 @@ void jpc_qmfb_join_colres(jpc_fix_t *a,
- abort();
- }
- }
--#endif
-
- hstartcol = (numrows + 1 - parity) >> 1;
-
-@@ -907,12 +845,10 @@ void jpc_qmfb_join_colres(jpc_fix_t *a,
- srcptr += numcols;
- }
-
--#if !defined(HAVE_VLA)
- /* If the join buffer was allocated on the heap, free this memory. */
- if (buf != joinbuf) {
- jas_free(buf);
- }
--#endif
-
- }
-
Deleted: jasper-1.900.1-CVE-2014-9029.patch
===================================================================
--- jasper-1.900.1-CVE-2014-9029.patch 2016-10-06 20:37:36 UTC (rev 277855)
+++ jasper-1.900.1-CVE-2014-9029.patch 2016-10-06 20:50:04 UTC (rev 277856)
@@ -1,29 +0,0 @@
---- jasper-1.900.1.orig/src/libjasper/jpc/jpc_dec.c 2014-11-27 12:45:44.000000000 +0100
-+++ jasper-1.900.1.orig/src/libjasper/jpc/jpc_dec.c 2014-11-27 12:44:58.000000000 +0100
-@@ -1281,7 +1281,7 @@ static int jpc_dec_process_coc(jpc_dec_t
- jpc_coc_t *coc = &ms->parms.coc;
- jpc_dec_tile_t *tile;
-
-- if (JAS_CAST(int, coc->compno) > dec->numcomps) {
-+ if (JAS_CAST(int, coc->compno) >= dec->numcomps) {
- jas_eprintf("invalid component number in COC marker segment\n");
- return -1;
- }
-@@ -1307,7 +1307,7 @@ static int jpc_dec_process_rgn(jpc_dec_t
- jpc_rgn_t *rgn = &ms->parms.rgn;
- jpc_dec_tile_t *tile;
-
-- if (JAS_CAST(int, rgn->compno) > dec->numcomps) {
-+ if (JAS_CAST(int, rgn->compno) >= dec->numcomps) {
- jas_eprintf("invalid component number in RGN marker segment\n");
- return -1;
- }
-@@ -1356,7 +1356,7 @@ static int jpc_dec_process_qcc(jpc_dec_t
- jpc_qcc_t *qcc = &ms->parms.qcc;
- jpc_dec_tile_t *tile;
-
-- if (JAS_CAST(int, qcc->compno) > dec->numcomps) {
-+ if (JAS_CAST(int, qcc->compno) >= dec->numcomps) {
- jas_eprintf("invalid component number in QCC marker segment\n");
- return -1;
- }
Deleted: jasper-1.900.1-CVE-2016-1577.patch
===================================================================
--- jasper-1.900.1-CVE-2016-1577.patch 2016-10-06 20:37:36 UTC (rev 277855)
+++ jasper-1.900.1-CVE-2016-1577.patch 2016-10-06 20:50:04 UTC (rev 277856)
@@ -1,14 +0,0 @@
-Description: CVE-2016-1577: Prevent double-free in jas_iccattrval_destroy()
-Author: Tyler Hicks <tyhicks at canonical.com>
-Bug-Ubuntu: https://launchpad.net/bugs/1547865
-
---- jasper-1.900.1-debian1.orig/src/libjasper/base/jas_icc.c
-+++ jasper-1.900.1-debian1/src/libjasper/base/jas_icc.c
-@@ -300,6 +300,7 @@ jas_iccprof_t *jas_iccprof_load(jas_stre
- if (jas_iccprof_setattr(prof, tagtabent->tag, attrval))
- goto error;
- jas_iccattrval_destroy(attrval);
-+ attrval = 0;
- } else {
- #if 0
- jas_eprintf("warning: skipping unknown tag type\n");
Deleted: jasper-1.900.1-CVE-2016-2116.patch
===================================================================
--- jasper-1.900.1-CVE-2016-2116.patch 2016-10-06 20:37:36 UTC (rev 277855)
+++ jasper-1.900.1-CVE-2016-2116.patch 2016-10-06 20:50:04 UTC (rev 277856)
@@ -1,14 +0,0 @@
-Description: Prevent jas_stream_t memory leak in jas_iccprof_createfrombuf()
-Author: Tyler Hicks <tyhicks at canonical.com>
-
---- jasper-1.900.1-debian1.orig/src/libjasper/base/jas_icc.c
-+++ jasper-1.900.1-debian1/src/libjasper/base/jas_icc.c
-@@ -1693,6 +1693,8 @@ jas_iccprof_t *jas_iccprof_createfrombuf
- jas_stream_close(in);
- return prof;
- error:
-+ if (in)
-+ jas_stream_close(in);
- return 0;
- }
-
Deleted: jpc_dec.c.patch
===================================================================
--- jpc_dec.c.patch 2016-10-06 20:37:36 UTC (rev 277855)
+++ jpc_dec.c.patch 2016-10-06 20:50:04 UTC (rev 277856)
@@ -1,18 +0,0 @@
-diff -urN jasper-1.900.1/src/libjasper/jpc/jpc_dec.c jasper-1.900.1-fix/src/libjasper/jpc/jpc_dec.c
---- jasper-1.900.1/src/libjasper/jpc/jpc_dec.c 2007-01-19 14:43:07.000000000 -0700
-+++ jasper-1.900.1-fix/src/libjasper/jpc/jpc_dec.c 2008-03-06 16:51:12.000000000 -0700
-@@ -1069,12 +1069,12 @@
- /* Apply an inverse intercomponent transform if necessary. */
- switch (tile->cp->mctid) {
- case JPC_MCT_RCT:
-- assert(dec->numcomps == 3);
-+ assert(dec->numcomps >= 3);
- jpc_irct(tile->tcomps[0].data, tile->tcomps[1].data,
- tile->tcomps[2].data);
- break;
- case JPC_MCT_ICT:
-- assert(dec->numcomps == 3);
-+ assert(dec->numcomps >= 3);
- jpc_iict(tile->tcomps[0].data, tile->tcomps[1].data,
- tile->tcomps[2].data);
- break;
More information about the arch-commits
mailing list