[PATCH 0/1] OpenJPEG CVE-2016-9572 CVE-2016-9573

guix-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH 0/1] OpenJPEG CVE-2016-9572 CVE-2016-9573

From:	Leo Famulari
Subject:	[PATCH 0/1] OpenJPEG CVE-2016-9572 CVE-2016-9573
Date:	Mon, 23 Jan 2017 18:39:17 -0500

This patch fixes CVE-2016-9572 and CVE-2016-9573 in OpenJPEG.

Notice that the patch is not from the official OpenJPEG repository. I've
asked for clarification here:

https://github.com/uclouvain/openjpeg/issues/863#issuecomment-274271277

Debian has applied it to their openjpeg2 2.1.0-2+deb8u2 package (sorry,
I can't find a link to their package code; download the tarball and
inspect it manually):

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851422
https://tracker.debian.org/pkg/openjpeg2

Leo Famulari (1):
  gnu: openjpeg: Fix CVE-2016-{9572,9573}.

 gnu/local.mk                                       |   1 +
 gnu/packages/image.scm                             |   3 +-
 .../openjpeg-CVE-2016-9572-CVE-2016-9573.patch     | 233 +++++++++++++++++++++
 3 files changed, 236 insertions(+), 1 deletion(-)
 create mode 100644 
gnu/packages/patches/openjpeg-CVE-2016-9572-CVE-2016-9573.patch

-- 
2.11.0

[Prev in Thread]

Current Thread

[Next in Thread]

[PATCH 0/1] OpenJPEG CVE-2016-9572 CVE-2016-9573, Leo Famulari <=
- [PATCH 1/1] gnu: openjpeg: Fix CVE-2016-{9572,9573}., Leo Famulari, 2017/01/23
- Re: [PATCH 0/1] OpenJPEG CVE-2016-9572 CVE-2016-9573, Ludovic Courtès, 2017/01/24

Prev by Date: Re: Add lxde. (Mixed content: 4 updates, 7 RFCs)
Next by Date: [PATCH 1/1] gnu: openjpeg: Fix CVE-2016-{9572,9573}.
Previous by thread: [PATCH] gnu: claws-mail: Enable compface.
Next by thread: [PATCH 1/1] gnu: openjpeg: Fix CVE-2016-{9572,9573}.
Index(es):
- Date
- Thread