mirror of
https://git.busybox.net/buildroot.git
synced 2024-12-13 07:13:32 +08:00
332a851a08
Add 0003-test-asclen-CVE-2018-19540.patch: If txtdesc->asclen is < 1, the array index of txtdesc->ascdata will be negative which causes the heap based overflow. Patch was proposed upstream[1] but upstream is very inactive. Linux distributions use the same fix to patch their packages. 1: https://github.com/mdadams/jasper/pull/198 Signed-off-by: Michael Vetter <jubalh@iodoru.org> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> |
||
---|---|---|
.. | ||
0001-verify-data-range-CVE-2018-19541.patch | ||
0002-check-null-in-jp2_decode-CVE-2018-19542.patch | ||
0003-test-asclen-CVE-2018-19540.patch | ||
Config.in | ||
jasper.hash | ||
jasper.mk |