diff options
| author | feld <feld@FreeBSD.org> | 2015-08-20 23:12:18 +0800 |
|---|---|---|
| committer | feld <feld@FreeBSD.org> | 2015-08-20 23:12:18 +0800 |
| commit | 9c8eb8e0c9937ff057b78e03680817b39978d4b8 (patch) | |
| tree | 7d45851d019cc6ce4e73562c33fcaaff099a7b2a /security | |
| parent | 4191e0a7f9cb10a1ccfec44c07c11eee42cfd27e (diff) | |
| download | freebsd-ports-gnome-9c8eb8e0c9937ff057b78e03680817b39978d4b8.tar.gz freebsd-ports-gnome-9c8eb8e0c9937ff057b78e03680817b39978d4b8.tar.zst freebsd-ports-gnome-9c8eb8e0c9937ff057b78e03680817b39978d4b8.zip | |
graphics/jasper new CVE added to entry
Security: f1692469-45ce-11e5-adde-14dae9d210b8
Security: CVE-2015-5221
Diffstat (limited to 'security')
| -rw-r--r-- | security/vuxml/vuln.xml | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 2990478770fa..c6ce2f86ac19 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -216,7 +216,7 @@ Notes: </vuln> <vuln vid="f1692469-45ce-11e5-adde-14dae9d210b8"> - <topic>jasper -- double free in jasper_image_stop_load()</topic> + <topic>jasper -- multiple vulnerabilities</topic> <affects> <package> <name>jasper</name> @@ -232,16 +232,25 @@ Notes: A specially crafted file could cause an application using JasPer to crash.</p> </blockquote> + <p>Feist Josselin reports:</p> + <blockquote cite="http://seclists.org/oss-sec/2015/q3/408"> + <p>A new use-after-free was found in Jasper JPEG-200. The + use-after-free appears in the function mif_process_cmpt of the + src/libjasper/mif/mif_cod.c file.</p> + </blockquote> </body> </description> <references> <url>https://bugzilla.redhat.com/show_bug.cgi?id=1254242#c0</url> <url>http://seclists.org/oss-sec/2015/q3/366</url> + <url>http://seclists.org/oss-sec/2015/q3/408</url> <cvename>CVE-2015-5203</cvename> + <cvename>CVE-2015-5221</cvename> </references> <dates> <discovery>2015-08-17</discovery> <entry>2015-08-18</entry> + <modified>2015-08-20</modified> </dates> </vuln> |