<br/>
<h1>Changelog from Git</h1><br/><br/>
<div class='changelog'>
-<pre class='wrap'>commit c196b23b90321b5c7e3238294607a2e8626c503f
+<pre class='wrap'>commit 92023cd6c377e0384a7725949b25655d4d94dced
+Merge: c196b23 cab352e
+Author: Even Rouault <even.rouault@mines-paris.org>
+Date: 2018-11-16 09:42:19 +0100
+
+ Merge pull request #1160 from hlef/master
+
+ jp3d/jpwl convert: fix write stack buffer overflow
+
+commit c196b23b90321b5c7e3238294607a2e8626c503f
Author: ichlubna <43234438+ichlubna@users.noreply.github.com>
Date: 2018-11-16 09:40:31 +0100
When compressing a lot of slices (starting from 44 FullHD slices with 3 8bit components in our experiments) the rate values are high enough to cause an int overflow that leads to negative lengths and wrong results. The cast happens too late.
+commit cab352e249ed3372dd9355c85e837613fff98fa2
+Author: Hugo Lefeuvre <hle@debian.org>
+Date: 2018-11-07 18:48:29 +0100
+
+ jp2: convert: fix null pointer dereference
+
+ Tile components in a JP2 image might have null data pointer by defining a
+ zero component size (for example using large horizontal or vertical
+ sampling periods). This null data pointer leads to null image component
+ data pointer, causing crash when dereferenced without != null check in
+ imagetopnm.
+
+ Add != null check.
+
+ This commit addresses #1152 (CVE-2018-18088).
+
+commit 0bc90e4062a5f9258c91eca018c019b179066c62
+Author: Hugo Lefeuvre <hle@debian.org>
+Date: 2018-10-22 16:59:41 +0200
+
+ jp3d/jpwl convert: fix write stack buffer overflow
+
+ Missing buffer length formatter in fscanf call might lead to write
+ stack buffer overflow.
+
+ fixes #1044 (CVE-2017-17480)
+
commit 948332e6ed17565100d1df5f6fdbf66865218e36
Author: Stefan Weil <sw@weilnetz.de>
Date: 2018-10-31 20:44:30 +0100
Workaroudn cppcheck (correct) warning about same code in then and else branches
-commit c84e594cffb181b96f522becf1ba0302e2cc6da7
-Author: Even Rouault <even.rouault@spatialys.com>
-Date: 2017-09-19 18:35:07 +0200
-
- Fix badly named variable in function prototype (raised by cppcheck)
-
-commit e17bbde9066600528ab523adee69d9c9c33ba157
-Author: Even Rouault <even.rouault@spatialys.com>
-Date: 2017-09-19 17:48:07 +0200
-
- opj_set_decoded_components(): add a provision for a apply_color_transforms parameter in case we support it in the future
-
-commit 7e2b6bebff12eab8bdc17fc9af017e8c11652f4f
-Author: Even Rouault <even.rouault@spatialys.com>
-Date: 2017-09-19 16:52:07 +0200
-
- Add capability to decode only a subset of all components of an image.
-
- This adds a opj_set_decoded_components(opj_codec_t *p_codec,
- OPJ_UINT32 numcomps, const OPJ_UINT32* comps_indices) function,
- and equivalent "opj_decompress -c compno[,compno]*" option.
-
- When specified, neither the MCT transform nor JP2 channel transformations
- will be applied.
-
- Tests added for various combinations of whole image vs tiled-based decoding,
- full or reduced resolution, use of decode area or not.
-
...</pre></div>
</body>
'2.1.2' => '2016-09-28 18:18',
'2.2.0' => '2017-08-10 00:31',
'2.3.0' => '2017-10-04 22:23',
- 'current' => '2018-11-16 09:40:31'
+ 'current' => '2018-11-16 09:42:19'
},
'HeadersDiff' => {
'1.1' => {
'Maintainer' => 'OpenJPEG team',
'MaintainerUrl' => 'http://www.openjpeg.org/',
'PackageDiff' => {},
- 'ScmUpdateTime' => '1542358527',
+ 'ScmUpdateTime' => '1542359208',
'Soname' => {
'1.1' => {
'lib/libopenjpeg.so' => 'libopenjpeg.so'
<th>Headers<br/>Diff</th>
</tr>
<tr id='current'><td>current</td>
-<td>2018-11-16<br/>09:40</td>
+<td>2018-11-16<br/>09:42</td>
<td>7</td>
<td><a href='../../changelog/openjpeg/current/log.html'>changelog</a></td>
<td class='ok'><a href='../../objects_report/openjpeg/2.3.0/current/report.html'>100%</a></td>
<td>N/A</td>
<td>N/A</td>
</tr>
-</table><br/>Maintained by <a href='http://www.openjpeg.org/'>OpenJPEG team</a>. Last updated on Fri Nov 16 08:55:52 2018.<br/>
+</table><br/>Maintained by <a href='http://www.openjpeg.org/'>OpenJPEG team</a>. Last updated on Fri Nov 16 09:07:12 2018.<br/>
<br/>
<hr/>
<div align='right'><a class='home' title="Andrey Ponomarenko's ABI laboratory" href='http://abi-laboratory.pro/'>abi-laboratory.pro</a></div>
projects / openjpeg.git / commitdiff