From 244e4d797e740c7fedf8e3e9df9d9d85859b11b4 Mon Sep 17 00:00:00 2001
From: Leonardo Arena <rnalrd@alpinelinux.org>
Date: Fri, 11 Mar 2016 15:10:06 +0000
Subject: main/jasper: security fixes (CVE-2016-1577, CVE-2016-2089,
 CVE-2016-2116)

---
 main/jasper/CVE-2016-1577.patch | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
 create mode 100644 main/jasper/CVE-2016-1577.patch

(limited to 'main/jasper/CVE-2016-1577.patch')

diff --git a/main/jasper/CVE-2016-1577.patch b/main/jasper/CVE-2016-1577.patch
new file mode 100644
index 0000000000..41ebfc53e0
--- /dev/null
+++ b/main/jasper/CVE-2016-1577.patch
@@ -0,0 +1,14 @@
+Description: CVE-2016-1577: Prevent double-free in jas_iccattrval_destroy()
+Author: Tyler Hicks <tyhicks () canonical com>
+Bug-Ubuntu: https://launchpad.net/bugs/1547865
+
+--- jasper-1.900.1-debian1.orig/src/libjasper/base/jas_icc.c
++++ jasper-1.900.1-debian1/src/libjasper/base/jas_icc.c
+@@ -300,6 +300,7 @@ jas_iccprof_t *jas_iccprof_load(jas_stre
+ 				if (jas_iccprof_setattr(prof, tagtabent->tag, attrval))
+ 					goto error;
+ 				jas_iccattrval_destroy(attrval);
++				attrval = 0;
+ 			} else {
+ #if 0
+ 				jas_eprintf("warning: skipping unknown tag type\n");
-- 
cgit v1.2.3