ryan/mozjpeg
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ChangeLog.md: List CVE ID fixed by 9f756bc6

Browse Source
This commit is contained in:
DRC
2023-05-30 17:46:58 -04:00
parent 3a53627306
commit 36aaeebb55
1 changed files with 7 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
ChangeLog.md
View File

@@ -8,12 +8,13 @@ subsampling, which allows losslessly transposed or rotated 4:1:1 JPEG images to
be losslessly cropped, partially decompressed, or decompressed to planar YUV
images.
2. Fixed various segfaults and buffer overruns that occurred when attempting to
decompress various specially-crafted malformed 12-bit-per-component lossless
JPEG images. These issues were caused by out-of-range sample values that were
not range-limited before being used as array indices. The issues were specific
to 12-bit data precision, since that is the only data precision for which the
range of the sample data type exceeds the valid sample range.
2. Fixed various segfaults and buffer overruns (CVE-2023-2804) that occurred
when attempting to decompress various specially-crafted malformed
12-bit-per-component lossless JPEG images. These issues were caused by
out-of-range sample values that were not range-limited before being used as
array indices. The issues were specific to 12-bit data precision, since that
is the only data precision for which the range of the sample data type exceeds
the valid sample range.
3. Fixed an oversight in 1.4 beta1[8] that caused various segfaults and buffer
overruns when attempting to decompress various specially-crafted malformed