diff options
Diffstat (limited to 'main/jasper/CVE-2016-1577.patch')
-rw-r--r-- | main/jasper/CVE-2016-1577.patch | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/main/jasper/CVE-2016-1577.patch b/main/jasper/CVE-2016-1577.patch new file mode 100644 index 0000000000..41ebfc53e0 --- /dev/null +++ b/main/jasper/CVE-2016-1577.patch @@ -0,0 +1,14 @@ +Description: CVE-2016-1577: Prevent double-free in jas_iccattrval_destroy() +Author: Tyler Hicks <tyhicks () canonical com> +Bug-Ubuntu: https://launchpad.net/bugs/1547865 + +--- jasper-1.900.1-debian1.orig/src/libjasper/base/jas_icc.c ++++ jasper-1.900.1-debian1/src/libjasper/base/jas_icc.c +@@ -300,6 +300,7 @@ jas_iccprof_t *jas_iccprof_load(jas_stre + if (jas_iccprof_setattr(prof, tagtabent->tag, attrval)) + goto error; + jas_iccattrval_destroy(attrval); ++ attrval = 0; + } else { + #if 0 + jas_eprintf("warning: skipping unknown tag type\n"); |