Thanks for the report, now fixed at source git repo:
commit 7d3c1bea895d910907e2501fe9165e353eceabae
Author: Markus Kuhn
Date: Mon Feb 15 18:27:47 2021 +
jbg_newlen(): check for end-of-file within MARKER_NEWLEN
fixes https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969593
Package: jbigkit
Version: 2.1
Casper Sun
slei.cas...@gmail.com
> On Sep 6, 2020, at 12:12 AM, Casper Sun wrote:
>
> Hi,
>
> Libjbig version 2.1 has a heap overflow vulnerability in jbg_newlen in jbig.c.
>
> Stack trace:
> ```
> ==65175==ERROR: AddressSanitizer: heap-buffer-overflow on addre
2 matches
Mail list logo