Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Tue, 29 Nov 2016 17:33:42 +0100
From: Adam Maris <amaris@...hat.com>
To: oss-security@...ts.openwall.com
Subject: CVE-2016-8654 jasper: Heap-based buffer overflow in QMFB code in JPC
 codec

Hi,

Red Hat Product Security assigned CVE-2016-8654 for following issues 
(CVE merge as per merge/split rules):

https://github.com/mdadams/jasper/issues/93
https://github.com/mdadams/jasper/issues/94

that were addressed by following commit:

https://github.com/mdadams/jasper/commit/4a59cfaf9ab3d48fca4a15c0d2674bf7138e3d1a

Best Regards,

-- 
Adam Mariš, Red Hat Product Security
1CCD 3446 0529 81E3 86AF  2D4C 4869 76E7 BEF0 6BC2


Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ