package/openjpeg: fix CVE-2020-6851 (a3b1f288) · Commits · Arm Reference Solutions / buildroot

Commit a3b1f288 authored Feb 29, 2020 by Fabrice Fontaine Committed by Yann E. MORIN Mar 01, 2020

package/openjpeg: fix CVE-2020-6851



OpenJPEG through 2.3.1 has a heap-based buffer overflow in
opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of
opj_j2k_update_image_dimensions validation.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

parent 5934e676

Hide whitespace changes

Inline Side-by-side

Please register or to comment