oss-sec mailing list archives
Re: CVE-Request JasPer 2.0.12 NULL Pointer Dereference jp2_encode (jp2_enc.c)
From: Tomas Hoger <thoger () redhat com>
Date: Mon, 6 Mar 2017 15:38:55 +0100
On Mon, 6 Mar 2017 09:06:00 +0100 Emilio Pozuelo Monfort wrote:
This also happens on the latest master branch. The repo: https://github.com/mdadams/jasper Crashing inputs found with afl: https://github.com/nullsector/jasper-fuzz/tree/master/testcases/crashesYou should request CVEs at http://cveform.mitre.org/ these days. Also it'd be good if you opened an upstream bug report about this.
Looks like that was already done: https://github.com/mdadams/jasper/issues/120 -- Tomas Hoger / Red Hat Product Security
Current thread:
- CVE-Request JasPer 2.0.12 NULL Pointer Dereference jp2_encode (jp2_enc.c) Anthony Sasadeusz (Mar 05)
- Re: CVE-Request JasPer 2.0.12 NULL Pointer Dereference jp2_encode (jp2_enc.c) Emilio Pozuelo Monfort (Mar 06)
- Re: CVE-Request JasPer 2.0.12 NULL Pointer Dereference jp2_encode (jp2_enc.c) Tomas Hoger (Mar 06)
- Re: JasPer 2.0.12 NULL Pointer Dereference jp2_encode (jp2_enc.c) Anthony Sasadeusz (Mar 07)
- Re: CVE-Request JasPer 2.0.12 NULL Pointer Dereference jp2_encode (jp2_enc.c) Emilio Pozuelo Monfort (Mar 06)