[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH 0/2] OpenJPEG security fixes (CVE-2016-{5157,7163})
From: |
Leo Famulari |
Subject: |
[PATCH 0/2] OpenJPEG security fixes (CVE-2016-{5157,7163}) |
Date: |
Fri, 9 Sep 2016 02:04:39 -0400 |
Two bugs disclosed in OpenJPEG, CVE-2016-5157 and CVE-2016-7163. Both
can be used to execute arbitrary code, apparently.
CVE-2016-7163:
http://seclists.org/oss-sec/2016/q3/442
CVE-2016-5157:
http://seclists.org/oss-sec/2016/q3/441
Leo Famulari (2):
gnu: openjpeg-2.*: Fix CVE-2016-7163.
gnu: openjpeg-2.*: Fix CVE-2016-5157.
gnu/local.mk | 2 +
gnu/packages/image.scm | 8 +-
gnu/packages/patches/openjpeg-CVE-2016-5157.patch | 98 +++++++++++++++++++++++
gnu/packages/patches/openjpeg-CVE-2016-7163.patch | 71 ++++++++++++++++
4 files changed, 177 insertions(+), 2 deletions(-)
create mode 100644 gnu/packages/patches/openjpeg-CVE-2016-5157.patch
create mode 100644 gnu/packages/patches/openjpeg-CVE-2016-7163.patch
--
2.10.0
- [PATCH 0/2] OpenJPEG security fixes (CVE-2016-{5157,7163}),
Leo Famulari <=
- [PATCH 2/2] gnu: openjpeg-2.*: Fix CVE-2016-5157., Leo Famulari, 2016/09/09
- Re: [PATCH 0/2] OpenJPEG security fixes (CVE-2016-{5157,7163}), Efraim Flashner, 2016/09/09
- v2: OpenJPEG security fixes (CVE-2016-{5157,7163}), Leo Famulari, 2016/09/09