After looking at this code, I'm not very confident in the safety of the
openjpeg library. It seems to do a lot of memory allocations without
validating inputs. Since this is an optional build-dep, I would prefer
it not be included in main until a more careful audit of openjpeg can be
performed.
** Changed in: openjpeg (Ubuntu)
Status: New => Incomplete
** Changed in: openjpeg (Ubuntu)
Assignee: Kees Cook (kees) => (unassigned)
--
[MIR] openjpeg
https://bugs.launchpad.net/bugs/591235
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
