[jasper/f21: 3/3] Merge branch 'f20' into f21
Jiří Popelka
jpopelka at fedoraproject.org
Thu Dec 18 17:21:00 UTC 2014
commit a275b0f0d6fc433218e7c0f25a14c8acdb0d44c8
Merge: 10c0b93 76d5098
Author: Jiri Popelka <jpopelka at redhat.com>
Date: Thu Dec 18 18:18:47 2014 +0100
Merge branch 'f20' into f21
jasper-CVE-2014-8137.patch | 57 ++++++++++++++++++++++++++++++++++++++++++++
jasper-CVE-2014-8138.patch | 14 ++++++++++
jasper.spec | 42 +++++++++++++++++++-------------
3 files changed, 96 insertions(+), 17 deletions(-)
---
diff --cc jasper.spec
index d048b39,2b81fdb..53d8bc4
--- a/jasper.spec
+++ b/jasper.spec
@@@ -7,7 -7,7 +7,7 @@@ Summary: Implementation of the JPEG-200
Name: jasper
Group: System Environment/Libraries
Version: 1.900.1
- Release: 28%{?dist}
-Release: 27%{?dist}
++Release: 29%{?dist}
License: JasPer
URL: http://www.ece.uvic.ca/~frodo/jasper/
@@@ -173,7 -177,11 +177,11 @@@ make chec
%changelog
-* Thu Dec 18 2014 Jiri Popelka <jpopelka at redhat.com> - 1.900.1-27
++* Thu Dec 18 2014 Jiri Popelka <jpopelka at redhat.com> - 1.900.1-29
+ - CVE-2014-8137 - double-free in jas_iccattrval_destroy() (oCERT-2014-012) (#1175761)
+ - CVE-2014-8138 - heap overflow in jp2_decode() (oCERT-2014-012) (#1175761)
+
-* Thu Dec 04 2014 Jiri Popelka <jpopelka at redhat.com> - 1.900.1-26
+* Thu Dec 04 2014 Jiri Popelka <jpopelka at redhat.com> - 1.900.1-28
- CVE-2014-9029 - incorrect component number check in COC, RGN and QCC
marker segment decoders (#1170650)
More information about the scm-commits
mailing list