oss-sec mailing list archives

CVE Request - OpenJPEG: Security Fixes

From: winsonliu(刘科) <winsonliu () tencent com>
Date: Thu, 12 May 2016 06:45:37 +0000

Hi,

Some security issues of OpenJPEG have been fixed. Please consider assigning CVE numbers to them.

1. Issue 774
OpenJPEG Heap Buffer Overflow in function color_cmyk_to_rgb of color.c
Fixed via https://github.com/uclouvain/openjpeg/commit/162f6199c0cd3ec1c6c6dc65e41b2faab92b2d91

2. Issue 775
OpenJPEG Out-of-Bounds Access in function opj_tgt_reset of tgt.c
Fixed via https://github.com/uclouvain/openjpeg/commit/1a8318f6c24623189ecb65e049267c6f2e005c0e

3. Issue 733
OpenJPEG division-by-zero in function opj_tcd_init_tile of tcd.c
Fixed via https://github.com/uclouvain/openjpeg/commit/8f9cc62b3f9a1da9712329ddcedb9750d585505c

Regards,
Ke Liu of Tencent's Xuanwu LAB

Current thread:

CVE Request - OpenJPEG: Security Fixes 刘科 (May 11)
- Re: CVE Request - OpenJPEG: Security Fixes Moritz Muehlenhoff (May 12)
- Re: CVE Request - OpenJPEG: Security Fixes cve-assign (May 12)
- <Possible follow-ups>
- Re: Re: CVE Request - OpenJPEG: Security Fixes WinsonLiu (May 12)