diff --git a/abi-check/changelog/openjpeg/current/log.html b/abi-check/changelog/openjpeg/current/log.html index 7235af60..2a46c961 100644 --- a/abi-check/changelog/openjpeg/current/log.html +++ b/abi-check/changelog/openjpeg/current/log.html @@ -20,7 +20,16 @@

Changelog from Git



-
commit c196b23b90321b5c7e3238294607a2e8626c503f
+
commit 92023cd6c377e0384a7725949b25655d4d94dced
+Merge: c196b23 cab352e
+Author: Even Rouault <even.rouault@mines-paris.org>
+Date:   2018-11-16 09:42:19 +0100
+
+    Merge pull request #1160 from hlef/master
+    
+    jp3d/jpwl convert: fix write stack buffer overflow
+
+commit c196b23b90321b5c7e3238294607a2e8626c503f
 Author: ichlubna <43234438+ichlubna@users.noreply.github.com>
 Date:   2018-11-16 09:40:31 +0100
 
@@ -28,6 +37,33 @@ Date:   2018-11-16 09:40:31 +0100
     
     When compressing a lot of slices (starting from 44 FullHD slices with 3 8bit components in our experiments) the rate values are high enough to cause an int overflow that leads to negative lengths and wrong results. The cast happens too late.
 
+commit cab352e249ed3372dd9355c85e837613fff98fa2
+Author: Hugo Lefeuvre <hle@debian.org>
+Date:   2018-11-07 18:48:29 +0100
+
+    jp2: convert: fix null pointer dereference
+    
+    Tile components in a JP2 image might have null data pointer by defining a
+    zero component size (for example using large horizontal or vertical
+    sampling periods). This null data pointer leads to null image component
+    data pointer, causing crash when dereferenced without != null check in
+    imagetopnm.
+    
+    Add != null check.
+    
+    This commit addresses #1152 (CVE-2018-18088).
+
+commit 0bc90e4062a5f9258c91eca018c019b179066c62
+Author: Hugo Lefeuvre <hle@debian.org>
+Date:   2018-10-22 16:59:41 +0200
+
+    jp3d/jpwl convert: fix write stack buffer overflow
+    
+    Missing buffer length formatter in fscanf call might lead to write
+    stack buffer overflow.
+    
+    fixes #1044 (CVE-2017-17480)
+
 commit 948332e6ed17565100d1df5f6fdbf66865218e36
 Author: Stefan Weil <sw@weilnetz.de>
 Date:   2018-10-31 20:44:30 +0100
@@ -801,34 +837,6 @@ Date:   2017-09-19 18:35:31 +0200
 
     Workaroudn cppcheck (correct) warning about same code in then and else branches
 
-commit c84e594cffb181b96f522becf1ba0302e2cc6da7
-Author: Even Rouault <even.rouault@spatialys.com>
-Date:   2017-09-19 18:35:07 +0200
-
-    Fix badly named variable in function prototype (raised by cppcheck)
-
-commit e17bbde9066600528ab523adee69d9c9c33ba157
-Author: Even Rouault <even.rouault@spatialys.com>
-Date:   2017-09-19 17:48:07 +0200
-
-    opj_set_decoded_components(): add a provision for a apply_color_transforms parameter in case we support it in the future
-
-commit 7e2b6bebff12eab8bdc17fc9af017e8c11652f4f
-Author: Even Rouault <even.rouault@spatialys.com>
-Date:   2017-09-19 16:52:07 +0200
-
-    Add capability to decode only a subset of all components of an image.
-    
-    This adds a opj_set_decoded_components(opj_codec_t *p_codec,
-    OPJ_UINT32 numcomps, const OPJ_UINT32* comps_indices) function,
-    and equivalent "opj_decompress -c compno[,compno]*" option.
-    
-    When specified, neither the MCT transform nor JP2 channel transformations
-    will be applied.
-    
-    Tests added for various combinations of whole image vs tiled-based decoding,
-    full or reduced resolution, use of decode area or not.
-
 ...
diff --git a/abi-check/db/openjpeg/Tracker.data b/abi-check/db/openjpeg/Tracker.data index c4bd4ea8..b6d3f32d 100644 --- a/abi-check/db/openjpeg/Tracker.data +++ b/abi-check/db/openjpeg/Tracker.data @@ -633,7 +633,7 @@ $VAR1 = { '2.1.2' => '2016-09-28 18:18', '2.2.0' => '2017-08-10 00:31', '2.3.0' => '2017-10-04 22:23', - 'current' => '2018-11-16 09:40:31' + 'current' => '2018-11-16 09:42:19' }, 'HeadersDiff' => { '1.1' => { @@ -731,7 +731,7 @@ $VAR1 = { 'Maintainer' => 'OpenJPEG team', 'MaintainerUrl' => 'http://www.openjpeg.org/', 'PackageDiff' => {}, - 'ScmUpdateTime' => '1542358527', + 'ScmUpdateTime' => '1542359208', 'Soname' => { '1.1' => { 'lib/libopenjpeg.so' => 'libopenjpeg.so' diff --git a/abi-check/installed/openjpeg/current/lib/libopenjp2.a b/abi-check/installed/openjpeg/current/lib/libopenjp2.a index 5f2e01c8..3c28d3f3 100644 Binary files a/abi-check/installed/openjpeg/current/lib/libopenjp2.a and b/abi-check/installed/openjpeg/current/lib/libopenjp2.a differ diff --git a/abi-check/installed/openjpeg/current/lib/libopenjp2.so.2.3.0 b/abi-check/installed/openjpeg/current/lib/libopenjp2.so.2.3.0 index b35c8aec..ca695255 100644 Binary files a/abi-check/installed/openjpeg/current/lib/libopenjp2.so.2.3.0 and b/abi-check/installed/openjpeg/current/lib/libopenjp2.so.2.3.0 differ diff --git a/abi-check/timeline/openjpeg/index.html b/abi-check/timeline/openjpeg/index.html index 85dcf722..a837adc9 100644 --- a/abi-check/timeline/openjpeg/index.html +++ b/abi-check/timeline/openjpeg/index.html @@ -30,7 +30,7 @@ Headers
Diff current -2018-11-16
09:40 +2018-11-16
09:42 7 changelog 100% @@ -170,7 +170,7 @@ N/A N/A -
Maintained by OpenJPEG team. Last updated on Fri Nov 16 08:55:52 2018.
+
Maintained by OpenJPEG team. Last updated on Fri Nov 16 09:07:12 2018.

abi-laboratory.pro