#8372: openjpeg2-2.1.2 (CVE-2016-7163)
-------------------------+--------------------------
Reporter: bdubbs@… | Owner: blfs-book@…
Type: enhancement | Status: new
Priority: high | Milestone: 7.11
Component: BOOK | Version: SVN
Severity: normal | Resolution:
Keywords: |
-------------------------+--------------------------
Changes (by renodr):
* priority: normal => high
Old description:
> New point version
New description:
New point version
{{{
CVE-2016-7163 Integer overflow in opj_pi_create_decode
}}}
--
Comment:
{{{
v2.1.2 (2016-09-28)
Full Changelog
Closed issues:
null ptr dereference in convert.c:1331 #843
Out-of-Bounds Read in function bmp24toimage of convertbmp.c #833
Disable automatic compilation of t1_generate_luts in CMakeLists.txt
#831
CVE-2016-7163 Integer overflow in opj_pi_create_decode #826
Security Advisory for OpenJPEG #810
Add dashboard with static lib #804
hidden visibility for the static library / building with -DOPJ_STATIC
against shared lib #802
Optimization when building library from source #799
unsigned int16 on Solaris 11.2/sparc #796
appveyor #793
Please make a new release #782
FFMpeg will not link to 2.1.1 release built as shared library #766
API change since v2: opj_event_mgr_t not available #754
openjpeg.h needs dependencies #673
"master" does not build on ubuntu #658
Package 'openjp2', required by 'libopenjpip', not found #594
Merged pull requests:
Fix PNM file reading #847 (mayeut)
Fix some issues reported by Coverity Scan #846 (stweil)
Fix potential out-of-bounds read (coverity) #844 (stweil)
Remove TODO for overflow check #842 (mayeut)
Add overflow checks for opj_aligned_malloc #841 (mayeut)
Flags in T1 shall be unsigned #840 (mayeut)
Fix some warnings #838 (mayeut)
Fix issue 833. #834 (trylab)
Add overflow checks for opj_aligned_malloc #832 (mayeut)
Add test for issue 820 #829 (mayeut)
Add test for issue 826 #827 (mayeut)
Fix coverity 113065 (CWE-484) #824 (mayeut)
Add sanity check for tile coordinates #823 (mayeut)
Add test for PR 818 #822 (mayeut)
Update to libpng 1.6.25 #821 (mayeut)
fix incrementing of "l_tcp->m_nb_mcc_records" in opj_j2k_read_mcc #820
(mayeut)
Add overflow check in opj_tcd_init_tile #819 (mayeut)
Fix leak & invalid behavior of opj_jp2_read_ihdr #818 (mayeut)
Add overflow check in opj_j2k_update_image_data #817 (mayeut)
Change 'restrict' define to 'OPJ_RESTRICT' #816 (mayeut)
Switch to clang 3.8 #814 (mayeut)
Fix an integer overflow issue #809 (trylab)
Update to lcms 2.8 #808 (mayeut)
Update to libpng 1.6.24 #807 (mayeut)
Reenable clang-3.9 build on travis #806 (mayeut)
Bit fields type #805 (smuehlst)
Add compilation test for standalone inclusion of openjpeg.h #798
(mayeut)
jpwl: Remove non-portable data type u_int16_t (fix issue #796) #797
(stweil)
Fix dependency for pkg-config (issue #594) #795 (stweil)
Add .gitignore #787 (stweil)
}}}
--
Ticket URL: <http://wiki.linuxfromscratch.org/blfs/ticket/8372#comment:1>
BLFS Trac <http://wiki.linuxfromscratch.org/blfs>
Beyond Linux From Scratch
--
http://lists.linuxfromscratch.org/listinfo/blfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
