| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- fix double-free in in jas_iccattrval_destroy()
Obtained from: RedHat
Security: CVE-2014-8137
Security: https://bugzilla.redhat.com/show_bug.cgi?id=1173157
- fix heap overflow in jp2_decode()
Obtained from: RedHat
Security: CVE-2014-8138
Security: https://bugzilla.redhat.com/show_bug.cgi?id=1173162
- dec->numtiles off-by-one check in jpc_dec_process_sot()
Obtained from: RedHat, Fedora
Security: CVE-2014-8157
Security: https://bugzilla.redhat.com/show_bug.cgi?id=1179282
- multiple stack-based buffer overflows
Obtained from: RedHat, Fedora
Security: CVE-2014-8158
Security: https://bugzilla.redhat.com/show_bug.cgi?id=1179282
- fix Heap overflows in libjasper
Obtained from: RedHat
Security: CVE-2014-9029
Security: https://bugzilla.redhat.com/show_bug.cgi?id=1167537
- fix Use-after-free (and double-free)
Security: CVE-2015-5221
Security: http://www.openwall.com/lists/oss-security/2015/08/20/4
PR: 203504
- patch (rows_ NULL check)
Obtained from: RedHat
Security: CVE-2016-2089
Security: https://bugzilla.redhat.com/show_bug.cgi?id=1302636
|
| |
|
|
|
|
|
| |
PR: 202697
Submitted by: wxl@bikefriday.com
Reviewed y:
Security: CVE-2015-5203
|
| | |
|
| |
|
|
|
|
|
| |
Security: CVE-2011-4517 execute arbitrary code on decodes images
Submitted by: naddy (Christian Weisgerber)
Obtained from: Fedora
Feature safe: yes
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Security fixes
Multiple integer overflows
Buffer overflow in the jas_stream_printf
execute arbitrary code on decodes images
Security: CVE-2008-3520
Security: CVE-2008-3522
Security: CVE-2011-4516
Security: CVE-2011-4517
PR: 163718
Obtained from: Fedora
Feature safe: yes
|
| |
|
|
| |
Approved by: portmgr (bapt)
|
| |
|
|
|
|
|
| |
PR: 162812
Sumbitted by: Sebastian Klemke
Obtained from: Debian, Mathew Eis
Feature safe: yes
|
| |
|
|
|
| |
PR: 146290
Submitted by: Sunpoet Po-Chuan Hsieh
|
| |
|
|
| |
- cleanup
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
own clean-up routine (jas_cleanup). The call would be of limited
use anyway, as freeing memory at exit is useful only for tracking
down memory leaks. Removing the atexit call eliminates crashes in
ImageMagick and GraphicsMagick, when they are compiled with modules
support -- when a library is dlclosed, calling its cleanup routine is
certain death...
When compiling with gcc, declare the routine with ``__attribute__
(destructor)'' as per kan's otherwise obnoxious and inflammatory
e-mails. This will make sure, the routine is invoked, when libjasper
is dlclosed(). The only known apps that do that are ImageMagick and
GraphicsMagick (when built with modules support). They both call
the routine explicitly anyway...
While here enable parallel build of jasper itself, and eliminate the
most threatening warnings.
Bump PORTREVISION.
|
| |
|
|
| |
uses tmpfile is being evaluated.
|
| |
|
|
|
| |
PR: 108869
Submitted by: Martin Matuska <martin@matuska.org>
|
| | |
|
| |
|
|
|
|
|
| |
- Use DOCSDIR
PR: ports/62531
Submitted by: Ports Fury
|
| | |
|
| | |
|
| |
|
|
|
|
| |
Submitted by: Stacey Roberts <stacey@vickiandstacey.com>
BSD <bsd@xtremedev.com>
Mike Hardling <mvh@ix.netcom.com>
|
| | |
|
| |
|
