I have just started working on applying the patches and making a debdiff for openjpeg, however I have got a slight problem, none of the files I am trying to patch seem similar enough in the 1.5.2 version to actually be patched, I just can't find the right places to insert and remove the code so I am really unable to do anything about the CVEs for this version.
I am now going to have a go with openjpeg2 and see if the version you have is similar enough to the upstream code. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1630702 Title: CVE-2016-8332 allows an out-of-bound heap write to occur resulting in heap corruption and arbitrary code execution To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openjpeg/+bug/1630702/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
