Date: Fri, 09 Dec 2016 16:44:17 +0100 From: Adam Maris <amaris@...hat.com> To: oss-security@...ts.openwall.com Subject: CVE-2016-9580 CVE-2016-9581 openjpeg2: heap buffer oevrflows Hello, We've assigned CVEs for following issues: > https://github.com/uclouvain/openjpeg/issues/871 CVE-2016-9580 integer overflow in tiftoimage resulting into heap buffer overflow > https://github.com/uclouvain/openjpeg/issues/872 CVE-2016-9581 infinite loop in tiftoimage resulting into heap buffer overflow in convert_32s_C1P1 Both were fixed by https://github.com/szukw000/openjpeg/commit/cadff5fb 6e73398de26a92e96d3d7cac893af255 Regards, -- Adam Mariš, Red Hat Product Security 1CCD 3446 0529 81E3 86AF 2D4C 4869 76E7 BEF0 6BC2
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.