Commit Graph

10 Commits

Author SHA1 Message Date
openKylinBot 5dcf4c9fe1 changed debian/source/format to native 2022-05-14 02:33:48 +08:00
openKylinBot 9853688143 apply patches 2022-05-14 02:33:48 +08:00
openKylinBot 8daeaf61c1 format patches 2022-05-14 02:33:48 +08:00
Even Rouault 2eee49d87c [PATCH] opj_tcd_init_tile(): avoid integer overflow
That could lead to later assertion failures.

Fixes #1231 / CVE-2020-8112

Gbp-Pq: Name CVE-2020-8112.patch
2022-05-14 02:33:47 +08:00
Even Rouault ff08967f85 [PATCH] opj_j2k_update_image_dimensions(): reject images whose coordinates are beyond INT_MAX (fixes #1228)
Gbp-Pq: Name CVE-2020-6851.patch
2022-05-14 02:33:47 +08:00
Young Xiao 7ff9b4fd9b [PATCH] bmp_read_rle4_data(): avoid potential infinite loop
Gbp-Pq: Name CVE-2019-12973-2.patch
2022-05-14 02:33:47 +08:00
Young Xiao 1a67a19c2e [PATCH] convertbmp: detect invalid file dimensions early
width/length dimensions read from bmp headers are not necessarily
valid. For instance they may have been maliciously set to very large
values with the intention to cause DoS (large memory allocation, stack
overflow). In these cases we want to detect the invalid size as early
as possible.

This commit introduces a counter which verifies that the number of
written bytes corresponds to the advertized width/length.

See commit 8ee335227bbc for details.

Signed-off-by: Young Xiao <YangX92@hotmail.com>

Gbp-Pq: Name CVE-2019-12973-1.patch
2022-05-14 02:33:47 +08:00
Markus Koschany 9147c9517a java9
Gbp-Pq: Name java9.patch
2022-05-14 02:33:47 +08:00
openKylinBot 0a6fe2debc Import Debian changes 2.3.1-ok1
openjpeg2 (2.3.1-ok1) yangtze; urgency=medium

  * Build for openKylin.
2022-05-14 02:33:42 +08:00
openKylinBot 63c964585c Import Upstream version 2.3.1 2022-05-14 02:33:42 +08:00