This repository has been archived by the owner on Jul 29, 2020. It is now read-only.

CVE-2018-19540 #22

Closed
jubalh opened this issue Jun 15, 2020 · 0 comments · Fixed by #23

jubalh commented Jun 15, 2020

An issue was discovered in JasPer 2.0.14. There is a heap-based buffer overflow of size 1 in the function jas_icctxtdesc_input in libjasper/base/jas_icc.c.

See: An issue was discovered in JasPer 2.0.14. There is a heap-based buffer overflow of size 1 in the function jas_icctxtdesc_input in libjasper/base/jas_icc.c.

jubalh added a commit that referenced this issue Jun 15, 2020
If txtdesc->asclen is < 1, the array index of txtdesc->ascdata will be negative, which causes the heap-based overflow.

Regards CVE-2018-19540.
Regards jasper-software/jasper#182 bug#3
Fix by Markus Koschany <[email protected]>.
From https://gist.github.com/apoleon/13598a45bf6522f6a79b77a629205823

See: jasper-software/jasper#198
Fix #22
jubalh pushed a commit that referenced this issue Jun 16, 2020
jubalh pushed a commit that referenced this issue Jun 18, 2020
If txtdesc->asclen is < 1, the array index of txtdesc->ascdata will be negative, which causes the heap-based overflow.

Regards CVE-2018-19540.
Regards jasper-software/jasper#182 bug#3
Fix by Markus Koschany <[email protected]>.
From https://gist.github.com/apoleon/13598a45bf6522f6a79b77a629205823
Location adapted.

See: jasper-software/jasper#198
Fix #22
@jubalh jubalh closed this as completed in 0fac004 Jun 19, 2020
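
The check the commit messages above describe, as an added example (not JasPer's code and not part of the original thread): a simplified parser that rejects a length below 1 before `asclen - 1` is used as an index into the heap buffer. The `txtdesc_t` type, the `txtdesc_parse` function and the 4-byte length-prefixed input layout are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for the text-description record; only the two
   fields named in the commit message are modelled. */
typedef struct {
    uint32_t asclen;   /* length field taken from the input */
    char *ascdata;     /* heap buffer of asclen bytes */
} txtdesc_t;

/* Parse [4-byte big-endian asclen][asclen bytes] from buf (assumed layout).
   Returns 0 on success, -1 on malformed input. */
int txtdesc_parse(txtdesc_t *t, const unsigned char *buf, size_t len)
{
    t->asclen = 0;
    t->ascdata = NULL;
    if (len < 4)
        return -1;
    t->asclen = ((uint32_t)buf[0] << 24) | ((uint32_t)buf[1] << 16) |
                ((uint32_t)buf[2] << 8) | (uint32_t)buf[3];
    /* The check the fix describes: with asclen < 1 the terminator write
       below would index ascdata with asclen - 1, outside the allocation. */
    if (t->asclen < 1)
        return -1;
    /* Also refuse a length larger than the bytes actually present. */
    if (t->asclen > len - 4)
        return -1;
    if (!(t->ascdata = malloc(t->asclen)))
        return -1;
    memcpy(t->ascdata, buf + 4, t->asclen);
    t->ascdata[t->asclen - 1] = '\0';   /* in bounds: asclen >= 1 here */
    return 0;
}

int main(void)
{
    /* Constructed inputs: a zero-length record and a 3-byte record. */
    const unsigned char empty[] = {0, 0, 0, 0};
    const unsigned char ok[] = {0, 0, 0, 3, 'a', 'b', 'c'};
    txtdesc_t t;
    printf("asclen=0 -> %d\n", txtdesc_parse(&t, empty, sizeof empty));
    int rc = txtdesc_parse(&t, ok, sizeof ok);
    printf("asclen=3 -> %d (%s)\n", rc, rc == 0 ? t.ascdata : "");
    free(t.ascdata);
    return 0;
}
```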
jubalh added a commit to jubalh/buildroot that referenced this issue Jul 28, 2020
Changes:
* Fix CVE-2018-9154
  jasper-software/jasper#215
  jasper-software/jasper#166
  jasper-software/jasper#175
  jasper-maint/jasper#8

* Fix CVE-2018-19541
  jasper-software/jasper#199
  jasper-maint/jasper#6

* Fix CVE-2016-9399, CVE-2017-13751
  jasper-maint/jasper#1

* Fix CVE-2018-19540
  jasper-software/jasper#182
  jasper-maint/jasper#22

* Fix CVE-2018-9055
  jasper-maint/jasper#9

* Fix CVE-2017-13748
  jasper-software/jasper#168

* Fix CVE-2017-5503, CVE-2017-5504, CVE-2017-5505
  jasper-maint/jasper#3
  jasper-maint/jasper#4
  jasper-maint/jasper#5
  jasper-software/jasper#88
  jasper-software/jasper#89
  jasper-software/jasper#90

* Fix CVE-2018-9252
  jasper-maint/jasper#16

* Fix CVE-2018-19139
  jasper-maint/jasper#14

* Fix CVE-2018-19543, CVE-2017-9782
  jasper-maint/jasper#13
  jasper-maint/jasper#18
  jasper-software/jasper#140
  jasper-software/jasper#182

* Fix CVE-2018-20570
  jasper-maint/jasper#11
  jasper-software/jasper#191

* Fix CVE-2018-20622
  jasper-maint/jasper#12
  jasper-software/jasper#193

* Fix CVE-2016-9398
  jasper-maint/jasper#10

* Fix CVE-2017-14132
  jasper-maint/jasper#17

* Fix CVE-2017-5499
  jasper-maint/jasper#2
  jasper-software/jasper#63

* Fix CVE-2018-18873
  jasper-maint/jasper#15
  jasper-software/jasper#184

* Fix jasper-software/jasper#207

* Fix jasper-software/jasper#194 part 1

* Fix CVE-2017-13750
  jasper-software/jasper#165
  jasper-software/jasper#174

* New option -DJAS_ENABLE_HIDDEN=true to not export internal symbols in the public symbol table

* Fix various memory leaks

* Plenty of code cleanups, and performance improvements