[Buildroot] [PATCH 1/3] package/openjpeg: fix CVE-2019-12973

Peter Korsgaard peter at korsgaard.com
Sat Mar 14 18:28:47 UTC 2020


>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice at gmail.com> writes:

 > In OpenJPEG 2.3.1, there is excessive iteration in the
 > opj_t1_encode_cblks function of openjp2/t1.c. Remote attackers could
 > leverage this vulnerability to cause a denial of service via a crafted
 > bmp file. This issue is similar to CVE-2018-6616.

 > Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>

Committed to 2019.02.x and 2019.11.x, thanks.

-- 
Bye, Peter Korsgaard


More information about the buildroot mailing list