Summary: | <media-libs/jasper-4.1.2: Invalid memory write | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sam James <sam> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | IN_PROGRESS --- | ||
Severity: | trivial | CC: | jubalh, proxy-maint, sci |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://github.com/jasper-software/jasper/issues/367 | ||
Whiteboard: | ~3 [cleanup noglsa] | ||
Package list: | Runtime testing required: | --- |
Description
Sam James
2024-01-14 05:34:57 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=92d3f29071e7de502f5b413ead99f9c83cc26d36 commit 92d3f29071e7de502f5b413ead99f9c83cc26d36 Author: Michael Vetter <jubalh@iodoru.org> AuthorDate: 2024-01-11 15:59:05 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2024-01-14 05:35:00 +0000 media-libs/jasper: add 4.1.2 Fix invalid memory write bug (#367) (CVE-2023-51257). Fix missing range check in the JPC encoder (#368). Bug: https://bugs.gentoo.org/922075 Signed-off-by: Michael Vetter <jubalh@iodoru.org> Closes: https://github.com/gentoo/gentoo/pull/34761 Signed-off-by: Sam James <sam@gentoo.org> media-libs/jasper/Manifest | 1 + media-libs/jasper/jasper-4.1.2.ebuild | 60 +++++++++++++++++++++++++++++++++++ 2 files changed, 61 insertions(+) pure ~arch so just leaving open for cleanup |