-
Notifications
You must be signed in to change notification settings - Fork 101
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
jasper crashes -- assertion failure #174
Comments
The same assertion and traceback as in #165 - probably a duplicate. |
This vulnerability has been fixed in our fork: https://github.com/jasper-maint/jasper/ |
jubalh
added a commit
to jubalh/buildroot
that referenced
this issue
Jul 28, 2020
Changes: * Fix CVE-2018-9154 jasper-software/jasper#215 jasper-software/jasper#166 jasper-software/jasper#175 jasper-maint/jasper#8 * Fix CVE-2018-19541 jasper-software/jasper#199 jasper-maint/jasper#6 * Fix CVE-2016-9399, CVE-2017-13751 jasper-maint/jasper#1 * Fix CVE-2018-19540 jasper-software/jasper#182 jasper-maint/jasper#22 * Fix CVE-2018-9055 jasper-maint/jasper#9 * Fix CVE-2017-13748 jasper-software/jasper#168 * Fix CVE-2017-5503, CVE-2017-5504, CVE-2017-5505 jasper-maint/jasper#3 jasper-maint/jasper#4 jasper-maint/jasper#5 jasper-software/jasper#88 jasper-software/jasper#89 jasper-software/jasper#90 * Fix CVE-2018-9252 jasper-maint/jasper#16 * Fix CVE-2018-19139 jasper-maint/jasper#14 * Fix CVE-2018-19543, CVE-2017-9782 jasper-maint/jasper#13 jasper-maint/jasper#18 jasper-software/jasper#140 jasper-software/jasper#182 * Fix CVE-2018-20570 jasper-maint/jasper#11 jasper-software/jasper#191 * Fix CVE-2018-20622 jasper-maint/jasper#12 jasper-software/jasper#193 * Fix CVE-2016-9398 jasper-maint/jasper#10 * Fix CVE-2017-14132 jasper-maint/jasper#17 * Fix CVE-2017-5499 jasper-maint/jasper#2 jasper-software/jasper#63 * Fix CVE-2018-18873 jasper-maint/jasper#15 jasper-software/jasper#184 * Fix jasper-software/jasper#207 * Fix jasper-software/jasper#194 part 1 * Fix CVE-2017-13750 jasper-software/jasper#165 jasper-software/jasper#174 * New option -DJAS_ENABLE_HIDDEN=true to not export internal symbols in the public symbol table * Fix various memory leaks * Plenty of code cleanups, and performance improvements
buildroot-auto-update
pushed a commit
to buildroot/buildroot
that referenced
this issue
Aug 3, 2020
Fixes the following security issues: * Fix CVE-2018-9154 jasper-software/jasper#215 jasper-software/jasper#166 jasper-software/jasper#175 jasper-maint/jasper#8 * Fix CVE-2018-19541 jasper-software/jasper#199 jasper-maint/jasper#6 * Fix CVE-2016-9399, CVE-2017-13751 jasper-maint/jasper#1 * Fix CVE-2018-19540 jasper-software/jasper#182 jasper-maint/jasper#22 * Fix CVE-2018-9055 jasper-maint/jasper#9 * Fix CVE-2017-13748 jasper-software/jasper#168 * Fix CVE-2017-5503, CVE-2017-5504, CVE-2017-5505 jasper-maint/jasper#3 jasper-maint/jasper#4 jasper-maint/jasper#5 jasper-software/jasper#88 jasper-software/jasper#89 jasper-software/jasper#90 * Fix CVE-2018-9252 jasper-maint/jasper#16 * Fix CVE-2018-19139 jasper-maint/jasper#14 * Fix CVE-2018-19543, CVE-2017-9782 jasper-maint/jasper#13 jasper-maint/jasper#18 jasper-software/jasper#140 jasper-software/jasper#182 * Fix CVE-2018-20570 jasper-maint/jasper#11 jasper-software/jasper#191 * Fix CVE-2018-20622 jasper-maint/jasper#12 jasper-software/jasper#193 * Fix CVE-2016-9398 jasper-maint/jasper#10 * Fix CVE-2017-14132 jasper-maint/jasper#17 * Fix CVE-2017-5499 jasper-maint/jasper#2 jasper-software/jasper#63 * Fix CVE-2018-18873 jasper-maint/jasper#15 jasper-software/jasper#184 * Fix CVE-2017-13750 jasper-software/jasper#165 jasper-software/jasper#174 Furthermore, drop now upstreamed patches and change to the new jasper-software upstream location. Signed-off-by: Michael Vetter <jubalh@iodoru.org> [Peter: reword for security bump] Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
woodsts
pushed a commit
to woodsts/buildroot
that referenced
this issue
Aug 18, 2020
Fixes the following security issues: * Fix CVE-2018-9154 jasper-software/jasper#215 jasper-software/jasper#166 jasper-software/jasper#175 jasper-maint/jasper#8 * Fix CVE-2018-19541 jasper-software/jasper#199 jasper-maint/jasper#6 * Fix CVE-2016-9399, CVE-2017-13751 jasper-maint/jasper#1 * Fix CVE-2018-19540 jasper-software/jasper#182 jasper-maint/jasper#22 * Fix CVE-2018-9055 jasper-maint/jasper#9 * Fix CVE-2017-13748 jasper-software/jasper#168 * Fix CVE-2017-5503, CVE-2017-5504, CVE-2017-5505 jasper-maint/jasper#3 jasper-maint/jasper#4 jasper-maint/jasper#5 jasper-software/jasper#88 jasper-software/jasper#89 jasper-software/jasper#90 * Fix CVE-2018-9252 jasper-maint/jasper#16 * Fix CVE-2018-19139 jasper-maint/jasper#14 * Fix CVE-2018-19543, CVE-2017-9782 jasper-maint/jasper#13 jasper-maint/jasper#18 jasper-software/jasper#140 jasper-software/jasper#182 * Fix CVE-2018-20570 jasper-maint/jasper#11 jasper-software/jasper#191 * Fix CVE-2018-20622 jasper-maint/jasper#12 jasper-software/jasper#193 * Fix CVE-2016-9398 jasper-maint/jasper#10 * Fix CVE-2017-14132 jasper-maint/jasper#17 * Fix CVE-2017-5499 jasper-maint/jasper#2 jasper-software/jasper#63 * Fix CVE-2018-18873 jasper-maint/jasper#15 jasper-software/jasper#184 * Fix CVE-2017-13750 jasper-software/jasper#165 jasper-software/jasper#174 Furthermore, drop now upstreamed patches and change to the new jasper-software upstream location. Signed-off-by: Michael Vetter <jubalh@iodoru.org> [Peter: reword for security bump] Signed-off-by: Peter Korsgaard <peter@korsgaard.com> (cherry picked from commit d0f7b24) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
woodsts
pushed a commit
to woodsts/buildroot
that referenced
this issue
Aug 18, 2020
Fixes the following security issues: * Fix CVE-2018-9154 jasper-software/jasper#215 jasper-software/jasper#166 jasper-software/jasper#175 jasper-maint/jasper#8 * Fix CVE-2018-19541 jasper-software/jasper#199 jasper-maint/jasper#6 * Fix CVE-2016-9399, CVE-2017-13751 jasper-maint/jasper#1 * Fix CVE-2018-19540 jasper-software/jasper#182 jasper-maint/jasper#22 * Fix CVE-2018-9055 jasper-maint/jasper#9 * Fix CVE-2017-13748 jasper-software/jasper#168 * Fix CVE-2017-5503, CVE-2017-5504, CVE-2017-5505 jasper-maint/jasper#3 jasper-maint/jasper#4 jasper-maint/jasper#5 jasper-software/jasper#88 jasper-software/jasper#89 jasper-software/jasper#90 * Fix CVE-2018-9252 jasper-maint/jasper#16 * Fix CVE-2018-19139 jasper-maint/jasper#14 * Fix CVE-2018-19543, CVE-2017-9782 jasper-maint/jasper#13 jasper-maint/jasper#18 jasper-software/jasper#140 jasper-software/jasper#182 * Fix CVE-2018-20570 jasper-maint/jasper#11 jasper-software/jasper#191 * Fix CVE-2018-20622 jasper-maint/jasper#12 jasper-software/jasper#193 * Fix CVE-2016-9398 jasper-maint/jasper#10 * Fix CVE-2017-14132 jasper-maint/jasper#17 * Fix CVE-2017-5499 jasper-maint/jasper#2 jasper-software/jasper#63 * Fix CVE-2018-18873 jasper-maint/jasper#15 jasper-software/jasper#184 * Fix CVE-2017-13750 jasper-software/jasper#165 jasper-software/jasper#174 Furthermore, drop now upstreamed patches and change to the new jasper-software upstream location. Signed-off-by: Michael Vetter <jubalh@iodoru.org> [Peter: reword for security bump] Signed-off-by: Peter Korsgaard <peter@korsgaard.com> (cherry picked from commit d0f7b24) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi all,
This bug was found with AFLSmart, an extension of AFL. Thanks also to Marcel Böhme, Andrew Santosa and Alexandru Razvan Caciulescu.
This bug was found on Ubuntu 16.04 64-bit.
To reproduce:
imginfo -f jasper_crash1.jpg
Error message:
Valgrind says:
Regards,
Thuan
The text was updated successfully, but these errors were encountered: