[3.2] openjpeg: Multiple issues (CVE-2016-9580, CVE-2016-9581)
CVE-2016-9580: Integer overflow in tiftoimage causes heap buffer overflow
CVE-2016-9581: Infinite loop in tiftoimage resulting into heap buffer overflow in convert_32s_C1P1
References:
https://github.com/uclouvain/openjpeg/issues/871
https://github.com/uclouvain/openjpeg/issues/872
Patch:
https://github.com/szukw000/openjpeg/commit/cadff5fb6e73398de26a92e96d3d7cac893af255
(from redmine: issue id 6568, created on 2016-12-21, closed on 2016-12-22)
- Relations:
- parent #6564 (closed)
- Changesets:
- Revision 2fdeb6b9 on 2016-12-22T10:05:05Z:
main/openjpeg: security fixes (CVE-2016-9580, CVE-2016-9581). Fixes #6568
(cherry picked from commit 91f0ed50281f76fcbbc7760fd7617e01b9a50c47)