Skip to content
Commit b006cc37 authored by Fabrice Fontaine's avatar Fabrice Fontaine Committed by Thomas Petazzoni
Browse files

package/openjpeg: fix CVE-2020-15389 



Fix CVE-2020-15389: jp2/opj_decompress.c in OpenJPEG through 2.3.1 has a
use-after-free that can be triggered if there is a mix of valid and
invalid files in a directory operated on by the decompressor. Triggering
a double-free may also be possible. This is related to calling
opj_image_destroy twice.

Signed-off-by: default avatarFabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: default avatarThomas Petazzoni <thomas.petazzoni@bootlin.com>
parent 071e719d
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment