1Name: OpenJPEG 2URL: http://www.openjpeg.org/ 3Version: 0fa5a17c98c4b8f9ee2286f4f0a50cf52a5fccb0 4Security Critical: yes 5License: 2-clause BSD 6 7Description: 8JPEG 2000 library. 9 10Local Modifications: 11 120000-use-colorspace.patch: Makes it possible to not call opj_jp2_apply_pclr(). 130001-image-data.patch: Fix a crasher in opj_j2k_update_image_data(). 140002-packet-iterator.patch: Fix integer overflow in opj_pi_create_decode(). 150003-dwt-decode.patch: Check array bounds for opj_dwt_decode_1() and friends. 160004-j2k_read_mcc.patch: Move incrementing of l_tcp->m_nb_mcc_records to the right place. 170005-jp2_apply_pclr.patch: Fix out of bounds access. 180006-tcd_init_tile.patch: Fix a divide by zero bug in opj_tcd_init_tile(). 190007-jp2_read_cmap.patch: Fix wrong rendering on greyscale images with index colorspace. 200008-jp2_check_color.patch: Replace an assertion with returning false. 210009-opj_pi_next.patch: Fix potential bad precno value in opj_pi_next* functions. 220010-pi_update_decode_poc.patch: Set proper upper bound for an array in opj_pi_update_decode_poc(). 230011-j2k_update_image_data.patch: Prevent bad signed -> unsigned casting. 240012-mct_sse.patch: Don't use SSE intrinsics in 32-bit builds. 250013-attrib_fix.patch: Don't needlessly redefine __attribute__, https://github.com/uclouvain/openjpeg/issues/727 260014-opj_jp2_read_ihdr_leak.patch: Memory leak in opj_jp2_read_ihdr(). 270015-read_SPCod_SPCoc_overflow.patch: Prevent a buffer overflow in opj_j2k_read_SPCod_SPCoc. 280016-read_SQcd_SQcc_overflow.patch: Prevent a buffer overflow in opj_j2k_read_SQcd_SQcc. 290017-tcd_init_tile.patch: Prevent integer overflows during calculation of |l_nb_precinct_size|. 300018-tcd_get_decoded_tile_size.patch: Fix an integer overflow in opj_tcd_get_decoded_tile_size. 310019-tcd_init_tile.patch: Prevent integer overflows during calculation of |l_nb_code_blocks_size|. 320020-opj_aligned_malloc.patch: Prevent overflows when using opj_aligned_malloc(). 330021-tcd_init_tile_negative.patch: Prevent negative x, y values in opj_tcd_init_tile. 340022-jp2_apply_pclr_overflow.patch: Prevent integer overflow in opj_jp2_apply_pclr. 350023-opj_j2k_read_mct_records.patch: Fix opj_j2k_read to prevent heap-use-after-free. 360024-l_marker_size_check.patch: Return error before overflow in opj_j2k_read_header_procedure. 370025-opj_j2k_add_mct_null_data.patch: Check m_data != null before trying to read from it. 380026-use_opj_uint_ceildiv.patch: Remove (OPJ_UINT32)opj_int_ceildiv((OPJ_INT32)a, (OPJ_INT32) b). 390027-undefined-shift-opj_t1_decode_cblk.patch: upstream fix for a ubsan bug. 400028-upstream-check-size-in-opj_j2k_read_siz.patch: upstream patch in j2k.c. 41TODO(thestig): List all the other patches. 42