ryan/mozjpeg
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ChangeLog.md: List CVE ID fixed by previous commit

Browse Source
This commit is contained in:
DRC
2020-06-03 16:04:06 -05:00
parent 3de15e0c34
commit cf483eee49
1 changed files with 6 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
ChangeLog.md
View File

@@ -13,11 +13,12 @@ TurboJPEG Java API that caused an error ("java.lang.IllegalStateException: No
source image is associated with this instance") when attempting to use that source image is associated with this instance") when attempting to use that
method to compress a YUV image. method to compress a YUV image.
3. Fixed an issue in the PPM reader that caused a buffer overrun in cjpeg, 3. Fixed an issue (CVE-2020-13790) in the PPM reader that caused a buffer
TJBench, or the `tjLoadImage()` function if one of the values in a binary overrun in cjpeg, TJBench, or the `tjLoadImage()` function if one of the values
PPM/PGM input file exceeded the maximum value defined in the file's header and in a binary PPM/PGM input file exceeded the maximum value defined in the file's
that maximum value was less than 255. libjpeg-turbo 1.5.0 already included a header and that maximum value was less than 255. libjpeg-turbo 1.5.0 already
similar fix for binary PPM/PGM files with maximum values greater than 255. included a similar fix for binary PPM/PGM files with maximum values greater
than 255.
2.0.4 2.0.4