Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-Id: <20160118184959.5815B42E00B@smtpvbsrv1.mitre.org>
Date: Mon, 18 Jan 2016 13:49:59 -0500 (EST)
From: cve-assign@...re.org
To: limingxing@....cn
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: Out-of-bounds Read in the OpenJpeg's opj_j2k_update_image_data and opj_tgt_reset function

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> opj_j2k_update_image_data
> AddressSanitizer: heap-buffer-overflow
> READ of size 4

Use CVE-2016-1923.


> opj_tgt_reset
> AddressSanitizer: SEGV on unknown address

Use CVE-2016-1924.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJWnTLyAAoJEL54rhJi8gl5TpEP/2nGFLYuk37FXlViClyDElMB
c03MAy9ToQjW1iLnnRNoLn9nqO15yvxLu28l0hzXnag01v9xaOy4Z8TJWRvXqB3V
Jn4SU3xD7mnaHbzo0ObU1ywWvXaA3TVbFMmGu2Y4uFDW7/B/ZZFacYwAfT930mg/
pUWsO8i9QS+7wA899E9RjeewTtskyKXLXXlNaATJEl2hjG8flXUCdB3KN4dsTHl4
wNX+MWm9NwsSxyMG+3Uj4o6Ec5nhNeF5qqSYuPJtQQOcZZEHR1/sa7mq/7WO60Gx
ChRoKx2shlKxq8nUkMgDyKIbmXY2l6Lj9y9VyrwnOs7cimqh6F3MoZZ082JMjYX9
5NRVu3U7eFL3iDkDVKrUto3OiUHCDM7hyLEquFsU3DfcWEXGZC2DH27CjonuA/qV
VcKrlcB0WH1don4JoBiOh+2keu6Jt9W+W5PEDTjvu1BI2yqaZO+NCsjciNJ1Aiis
V/ly2mAp/tFpuAJCXWMGBKCCsyzgUcHnUBrKi2xHnY9sXzBUJ1ppO+n+ZI0anO7B
U70ekz7IvDK2L9YbxP673hTgCst2WM9o+c1GeCSacYL5gB0xMwXRQvKwYgDlVu4c
A1as0YquprR0pMpjeKlqyilnIRJAzK20tUIfUoSjqjopKZFWrcbInpWqjFUyoSoI
gcc50NDQB0Wxi2hfVDxk
=TVQP
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.