[Secure-testing-commits] r45520 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2016-10-23 10:58:10 +0000 (Sun, 23 Oct 2016)
New Revision: 45520

Modified:
   data/CVE/list
Log:
Add another jasper, heap-based buffer overflow in jpc_dec_tiledecode

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-10-23 10:46:55 UTC (rev 45519)
+++ data/CVE/list	2016-10-23 10:58:10 UTC (rev 45520)
@@ -1,3 +1,9 @@
+CVE-2016-XXXX [heap-based buffer overflow in jpc_dec_tiledecode (jpc_dec.c)]
+	- jasper <unfixed>
+	NOTE: Fixed by: https://github.com/mdadams/jasper/commit/988f8365f7d8ad8073b6786e433d34c553ecf568 (version-1.900.12)
+	NOTE: https://blogs.gentoo.org/ago/2016/10/23/jasper-heap-based-buffer-overflow-in-jpc_dec_tiledecode-jpc_dec-c/
+	NOTE: Reproducer: https://github.com/asarubbo/poc/blob/master/00001-jasper-heapoverflow-jpc_dec_tiledecode
+	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/10/23/7
 CVE-2016-8887
 	- jasper <unfixed>
 	NOTE: https://blogs.gentoo.org/ago/2016/10/18/jasper-null-pointer-dereference-in-jp2_colr_destroy-jp2_cod-c