oss-sec mailing list archives
Re: CVE Request : Use-after-free in openjpeg
From: Moritz Muehlenhoff <jmm () debian org>
Date: Thu, 12 May 2016 23:16:48 +0200
On Tue, Sep 15, 2015 at 05:33:55PM +0200, FEIST Josselin wrote:
Hi, Use-after-free was found in openjpeg (https://github.com/uclouvain/openjpeg). The vuln is fixed in version 2.1.1 and was located in opj_j2k_write_mco function. More details are available here : https://github.com/uclouvain/openjpeg/issues/563. Is it possible to get a CVE for this ? Credit goes to the static analyzer Gueb.
Explicitly adding cve-assign to CC, this seems to have fallen through the cracks. Cheers, Moritz
Current thread:
- Re: CVE Request : Use-after-free in openjpeg Moritz Muehlenhoff (May 12)
- <Possible follow-ups>
- Re: CVE Request : Use-after-free in openjpeg cve-assign (May 12)