[3.4] openjpeg: Null pointer dereference in convert.c (CVE-2016-7445)
convert.c in OpenJPEG before 2.1.2 allows remote attackers to cause a
denial of service
(NULL pointer dereference and application crash) via vectors involving
the variable s.
References:
https://github.com/uclouvain/openjpeg/issues/843
http://seclists.org/oss-sec/2016/q3/546
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7445
(from redmine: issue id 6262, created on 2016-10-04, closed on 2016-10-25)
- Relations:
- parent #6261 (closed)
- Changesets:
- Revision 75fc2172 on 2016-10-19T09:14:47Z:
main/openjpeg: security upgrade to 2.1.2 (CVE-2016-7445). Fixes #6262