jbig2dec: Heap-buffer-overflow in jbig2_image_compose (CVE-2020-12268)
jbig2_image_compose in jbig2_image.c in Artifex jbig2dec before 0.18 has a heap-based buffer overflow.
References:
- https://nvd.nist.gov/vuln/detail/CVE-2020-12268
- https://security-tracker.debian.org/tracker/CVE-2020-12268
Patch:
https://github.com/ArtifexSoftware/jbig2dec/commit/0726320a4b55078e9d8deb590e477d598b3da66e
Affected branches:
-
master (3844aa04) -
3.11-stable -
3.10-stable -
3.9-stable -
3.8-stable
Edited by Leo