ports

sync/ports

Fork 0

mirror of https://git.freebsd.org/ports.git synced 2025-06-15 09:40:35 -04:00

Commit graph

Author	SHA1	Message	Date
Dirk Meyer	1a3c3e5ae9	- make option UUID default - fix double-free in in jas_iccattrval_destroy() Obtained from: RedHat Security: CVE-2014-8137 Security: https://bugzilla.redhat.com/show_bug.cgi?id=1173157 - fix heap overflow in jp2_decode() Obtained from: RedHat Security: CVE-2014-8138 Security: https://bugzilla.redhat.com/show_bug.cgi?id=1173162 - dec->numtiles off-by-one check in jpc_dec_process_sot() Obtained from: RedHat, Fedora Security: CVE-2014-8157 Security: https://bugzilla.redhat.com/show_bug.cgi?id=1179282 - multiple stack-based buffer overflows Obtained from: RedHat, Fedora Security: CVE-2014-8158 Security: https://bugzilla.redhat.com/show_bug.cgi?id=1179282 - fix Heap overflows in libjasper Obtained from: RedHat Security: CVE-2014-9029 Security: https://bugzilla.redhat.com/show_bug.cgi?id=1167537 - fix Use-after-free (and double-free) Security: CVE-2015-5221 Security: http://www.openwall.com/lists/oss-security/2015/08/20/4 PR: 203504 - patch (rows_ NULL check) Obtained from: RedHat Security: CVE-2016-2089 Security: https://bugzilla.redhat.com/show_bug.cgi?id=1302636	2016-02-20 13:34:11 +00:00
Dirk Meyer	9ad3263e80	graphics/jasper - Security fixes Multiple integer overflows Buffer overflow in the jas_stream_printf execute arbitrary code on decodes images Security: CVE-2008-3520 Security: CVE-2008-3522 Security: CVE-2011-4516 Security: CVE-2011-4517 PR: 163718 Obtained from: Fedora Feature safe: yes	2013-04-17 21:25:47 +00:00

Author

SHA1

Message

Date

Dirk Meyer

1a3c3e5ae9

- make option UUID default

- fix double-free in in jas_iccattrval_destroy()
Obtained from:	RedHat
Security: CVE-2014-8137
Security: https://bugzilla.redhat.com/show_bug.cgi?id=1173157

- fix heap overflow in jp2_decode()
Obtained from:	RedHat
Security: CVE-2014-8138
Security: https://bugzilla.redhat.com/show_bug.cgi?id=1173162

- dec->numtiles off-by-one check in jpc_dec_process_sot()
Obtained from:	RedHat, Fedora
Security: CVE-2014-8157
Security: https://bugzilla.redhat.com/show_bug.cgi?id=1179282

- multiple stack-based buffer overflows
Obtained from:	RedHat, Fedora
Security: CVE-2014-8158
Security: https://bugzilla.redhat.com/show_bug.cgi?id=1179282

- fix Heap overflows in libjasper
Obtained from:	RedHat
Security: CVE-2014-9029
Security: https://bugzilla.redhat.com/show_bug.cgi?id=1167537

- fix Use-after-free (and double-free)
Security: CVE-2015-5221
Security: http://www.openwall.com/lists/oss-security/2015/08/20/4
PR:		203504

- patch (rows_ NULL check)
Obtained from:	RedHat
Security: CVE-2016-2089
Security: https://bugzilla.redhat.com/show_bug.cgi?id=1302636

2016-02-20 13:34:11 +00:00

Dirk Meyer

9ad3263e80

graphics/jasper

- Security fixes
  Multiple integer overflows
  Buffer overflow in the jas_stream_printf
  execute arbitrary code on decodes images
Security: CVE-2008-3520
Security: CVE-2008-3522
Security: CVE-2011-4516
Security: CVE-2011-4517
PR:             163718
Obtained from:  Fedora
Feature safe: yes

2013-04-17 21:25:47 +00:00

2 commits