[3.7] jasper: NULL pointer exception in the function jp2_encode (CVE-2017-1000050)
JasPer 2.0.12 is vulnerable to a NULL pointer exception in the function
jp2_encode which failed
to check to see if the image contained at least one component resulting
in a denial-of-service.
References:
http://openwall.com/lists/oss-security/2017/07/08/3
https://github.com/mdadams/jasper/issues/120
Patch:
https://github.com/mdadams/jasper/commit/58ba0365d911b9f9dd68e9abf826682c0b4f2293
(from redmine: issue id 7572, created on 2017-07-20, closed on 2017-08-07)
- Relations:
- parent #7571 (closed)
- Changesets:
- Revision 8b736396 by Francesco Colista on 2017-08-07T13:11:31Z:
main/jasper: security fix CVE-2017-1000050. Fixes #7572