Branches for Gutsy

Author: Roland Stigge
Revision Date: 2007-04-10 10:05:10 UTC

Fixed segfaults on broken images (Closes: #413041)

Author: Marc Deslauriers
Revision Date: 2009-03-18 13:22:57 UTC

* SECURITY UPDATE: integer overflows via integer multiplication for
  memory allocation
  - src/libjasper/include/jasper/jas_malloc.h,
    src/libjasper/base/jas_malloc.c:
    * introduce new size-checked allocation functions
  - src/libjasper/base/jas_*.c,
    src/libjasper/bmp/bmp_dec.c,
    src/libjasper/jp2/jp2_*.c,
    src/libjasper/jpc/jpc_*.c,
    src/libjasper/mif/mif_cod.c:
    * use new size-checked allocation functions
  - CVE-2008-3520
* SECURITY UPDATE: denial of service via temporary file name prediction
  - src/libjasper/base/jas_stream.c: use mkstemp()
  - CVE-2008-3521
* SECURITY UPDATE: buffer overflow via vsprintf in jas_stream_printf()
  - src/libjasper/base/jas_stream.c: use vsnprintf()
  - CVE-2008-3522

Author: Marc Deslauriers
Revision Date: 2009-03-18 13:22:57 UTC

* SECURITY UPDATE: integer overflows via integer multiplication for
  memory allocation
  - src/libjasper/include/jasper/jas_malloc.h,
    src/libjasper/base/jas_malloc.c:
    * introduce new size-checked allocation functions
  - src/libjasper/base/jas_*.c,
    src/libjasper/bmp/bmp_dec.c,
    src/libjasper/jp2/jp2_*.c,
    src/libjasper/jpc/jpc_*.c,
    src/libjasper/mif/mif_cod.c:
    * use new size-checked allocation functions
  - CVE-2008-3520
* SECURITY UPDATE: denial of service via temporary file name prediction
  - src/libjasper/base/jas_stream.c: use mkstemp()
  - CVE-2008-3521
* SECURITY UPDATE: buffer overflow via vsprintf in jas_stream_printf()
  - src/libjasper/base/jas_stream.c: use vsnprintf()
  - CVE-2008-3522