CVE-2016-1626 and CVE-2016-1628 #850
@detonin what do you think of the suggested patch?
BTW the proofs of concept are located in the ZIP file: https://bugs.chromium.org/p/chromium/issues/detail?id=571480#c2
rouault added a commit that referenced this issue Jul 29, 2017
…-2016-1626 and CVE-2016-1628, #850) This has been recently fixed in a less elegant way per 80818c3
joebonrichie pushed a commit to solus-packages/openjpeg that referenced this issue Aug 15, 2023
Summary:
This new release includes a significant number of improvements and bug fixes. In particular:
- Multi-threading support at decoding side
- Several speed optimisations both at encoder and decoder, and both on Wavelet Transform and Entropy Coding parts. On our test set, a single-threaded execution is now around 20% faster (encoding or decoding).
- Huge memory consumption reduction at decoding side (~60% reduction on large images)
- Several important bug fixes, in particular the one that was preventing OpenJPEG to encode lossless in some specific situations, as well as those related to mode switches (BYPASS/LAZY, RESTART/TERMALL, etc).
- Several security fixes thanks to the inclusion of OpenJPEG in the Google OSS Fuzz project.

Beside that, several improvements have been brought to the project maintenance, like inclusion of benchmarking scripts to compare speed with latest available kakadu binaries.

Security fixes:
- CVE-2016-5139, CVE-2016-5152, CVE-2016-5158, CVE-2016-5159 [#854](uclouvain/openjpeg#854)
- CVE-2016-1626 and CVE-2016-1628 [#850](uclouvain/openjpeg#850)

For more info check the [NEWS](https://github.com/uclouvain/openjpeg/blob/v2.2.0/NEWS.md) and the [Changelog](https://github.com/uclouvain/openjpeg/blob/v2.2.0/CHANGELOG.md)

Signed-off-by: Pierre-Yves <pyu@riseup.net>

Test Plan:
```
$ opj_compress -i test.png -o test.j2k
[INFO] tile number 1 / 1
[INFO] Generated outfile test.j2k
encode time: 283 ms
```

Reviewers: #triage_team, JoshStrobl
Reviewed By: #triage_team, JoshStrobl
Subscribers: sunnyflunk, JoshStrobl
Tags: #security
Differential Revision: https://dev.solus-project.com/D794
The vulnerable code in http://www.zerodayinitiative.com/advisories/ZDI-16-171/ and http://www.zerodayinitiative.com/advisories/ZDI-16-172/ also appears to affect openjpeg in the pi.c file.
Google fixed this code with: https://pdfium.googlesource.com/pdfium.git/+/76c995796f95fd4c54c5f11d2a04392f16478619%5E%21/#F2
Is this something that affects openjpeg? And if so, can you patch as well?