Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 15 Sep 2015 17:33:55 +0200
From: FEIST Josselin <>
Subject: CVE Request : Use-after-free in openjpeg


Use-after-free was found in openjpeg
( The vuln is fixed in version
2.1.1 and was located in opj_j2k_write_mco function. More details are
available here :
Is it possible to get a CVE for this ?

Credit goes to the static analyzer Gueb.

Best regards,
Feist Josselin
//Timeline ://
//14 August : use-after-free found and reported  //
//6 September : use-after-free fixed/

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ