Package: jasper | Debian Sources

Package: jasper / 1.900.1-debian1-2.4

Metadata

Package	Version	Patches format
jasper	1.900.1-debian1-2.4	3.0 (quilt)

Patch series

view the series file

Patch	File delta	Description
01 misc fixes.patch \| (download)	acaux/config.guess \| 667 378 + 289 - 0 ! acaux/config.sub \| 230 173 + 57 - 0 ! src/libjasper/base/jas_cm.c \| 11 5 + 6 - 0 ! src/libjasper/base/jas_icc.c \| 39 19 + 20 - 0 ! src/libjasper/base/jas_image.c \| 5 2 + 3 - 0 ! src/libjasper/base/jas_malloc.c \| 49 42 + 7 - 0 ! src/libjasper/base/jas_seq.c \| 6 3 + 3 - 0 ! src/libjasper/base/jas_stream.c \| 20 7 + 13 - 0 ! src/libjasper/bmp/bmp_dec.c \| 2 1 + 1 - 0 ! src/libjasper/include/jasper/jas_malloc.h \| 9 9 + 0 - 0 ! src/libjasper/jp2/jp2_cod.c \| 72 65 + 7 - 0 ! src/libjasper/jp2/jp2_cod.h \| 12 12 + 0 - 0 ! src/libjasper/jp2/jp2_dec.c \| 4 2 + 2 - 0 ! src/libjasper/jp2/jp2_enc.c \| 61 53 + 8 - 0 ! src/libjasper/jpc/jpc_cs.c \| 17 10 + 7 - 0 ! src/libjasper/jpc/jpc_dec.c \| 31 15 + 16 - 0 ! src/libjasper/jpc/jpc_enc.c \| 20 10 + 10 - 0 ! src/libjasper/jpc/jpc_mqdec.c \| 2 1 + 1 - 0 ! src/libjasper/jpc/jpc_mqenc.c \| 2 1 + 1 - 0 ! src/libjasper/jpc/jpc_qmfb.c \| 16 8 + 8 - 0 ! src/libjasper/jpc/jpc_t1enc.c \| 2 1 + 1 - 0 ! src/libjasper/jpc/jpc_t2cod.c \| 2 1 + 1 - 0 ! src/libjasper/jpc/jpc_t2dec.c \| 6 3 + 3 - 0 ! src/libjasper/jpc/jpc_t2enc.c \| 6 3 + 3 - 0 ! src/libjasper/jpc/jpc_tagtree.c \| 2 1 + 1 - 0 ! src/libjasper/jpc/jpc_util.c \| 2 1 + 1 - 0 ! src/libjasper/mif/mif_cod.c \| 3 1 + 2 - 0 ! 27 files changed, 827 insertions(+), 471 deletions(-)	miscellaneous fixes to upstream tarball This patch contains some currently not further categorized patches to the upstream tarball.
02 fix filename buffer overflow.patch \| (download)	src/libjasper/include/jasper/jas_stream.h \| 9 8 + 1 - 0 ! 1 file changed, 8 insertions(+), 1 deletion(-)	filename buffer overflow fix This patch fixes a security hole by a bad buffer size handling.
03 CVE 2011 4516 and CVE 2011 4517.patch \| (download)	src/libjasper/jpc/jpc_cs.c \| 6 5 + 1 - 0 ! 1 file changed, 5 insertions(+), 1 deletion(-)	fix for cve-2011-4516 and cve-2011-4517 This patch fixes a possible denial of service and code execution via heap-based buffer overflows.
04 CVE 2014 9029.patch \| (download)	src/libjasper/jpc/jpc_dec.c \| 6 3 + 3 - 0 ! 1 file changed, 3 insertions(+), 3 deletions(-)	cve-2014-9029: heap overflows in libjasper
05 CVE 2014 8137.patch \| (download)	src/libjasper/base/jas_icc.c \| 6 0 + 6 - 0 ! src/libjasper/jp2/jp2_dec.c \| 5 4 + 1 - 0 ! 2 files changed, 4 insertions(+), 7 deletions(-)	cve-2014-8137: double-free in in jas_iccattrval_destroy()
06 CVE 2014 8138.patch \| (download)	src/libjasper/jp2/jp2_dec.c \| 5 5 + 0 - 0 ! 1 file changed, 5 insertions(+)	cve-2014-8138: heap overflow in jp2_decode()
07 CVE 2014 8157.patch \| (download)	src/libjasper/jpc/jpc_dec.c \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	cve-2014-8157: dec->numtiles off-by-one check in jpc_dec_process_sot()
08 CVE 2014 8158.patch \| (download)	src/libjasper/jpc/jpc_qmfb.c \| 64 0 + 64 - 0 ! 1 file changed, 64 deletions(-)	cve-2014-8158: unrestricted stack memory use in jpc_qmfb.c

1