[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH 1/2] gnu: openjpeg-2.*: Fix CVE-2016-7163.
From: |
Leo Famulari |
Subject: |
Re: [PATCH 1/2] gnu: openjpeg-2.*: Fix CVE-2016-7163. |
Date: |
Fri, 9 Sep 2016 03:59:09 -0400 |
User-agent: |
Mutt/1.7.0 (2016-08-17) |
On Fri, Sep 09, 2016 at 10:15:58AM +0300, Efraim Flashner wrote:
> On Fri, Sep 09, 2016 at 02:04:40AM -0400, Leo Famulari wrote:
> > diff --git a/gnu/packages/patches/openjpeg-CVE-2016-7163.patch
> > b/gnu/packages/patches/openjpeg-CVE-2016-7163.patch
[...]
> Was from here down put/left here intentionally? It looks out of place
>
> > +From c16bc057ba3f125051c9966cf1f5b68a05681de4 Mon Sep 17 00:00:00 2001
> > +From: trylab <address@hidden>
> > +Date: Tue, 6 Sep 2016 13:55:49 +0800
> > +Subject: [PATCH] Fix an integer overflow issue (#809)
> > +
> > --
> > 2.10.0
You're right. I had concatenated the two commits out of order, and I
accidentally left this header at the bottom when moving the original
bugfix above the follow-up commit.
Thank you for catching this.
I've attached an updated patch.
0001-gnu-openjpeg-2.-Fix-CVE-2016-7163.patch
Description: Text document
signature.asc
Description: PGP signature
- [PATCH 0/2] OpenJPEG security fixes (CVE-2016-{5157,7163}), Leo Famulari, 2016/09/09
- [PATCH 2/2] gnu: openjpeg-2.*: Fix CVE-2016-5157., Leo Famulari, 2016/09/09
- Re: [PATCH 0/2] OpenJPEG security fixes (CVE-2016-{5157,7163}), Efraim Flashner, 2016/09/09
- v2: OpenJPEG security fixes (CVE-2016-{5157,7163}), Leo Famulari, 2016/09/09