FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-11-05 23:23:57 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
77bac392-ba98-11f0-aada-f59a8ea34d12	OpenJPH < 0.24.5 -- multiple vulnerabilities Aous Naman reports several vulnerabilities fixed in OpenJPH versions up to 0.24.5 and credits Cary Phillips for reporting them from the OSS-fuzz project. [0.24.5] Addresses OpenEXR OSS-fuzz issue 5747129672073216 that can cause heap corruption. [0.24.4...] we now check that the ATK marker segment length (Latk) makes sense. The issue was identified in OpenEXR fuzzing. [0.24.3] This is an important bug fix. It protects against illegally long QCD and QCC marker segments. It was discovered during OpenEXR fussing; thanx to [Cary Phillips]. Discovery 2025-10-29 Entry 2025-11-05 openjph < 0.24.5 https://github.com/aous72/OpenJPH/releases

VuXML ID

Description

77bac392-ba98-11f0-aada-f59a8ea34d12

OpenJPH < 0.24.5 -- multiple vulnerabilities

Aous Naman reports several vulnerabilities fixed in OpenJPH versions up to 0.24.5 and credits Cary Phillips for reporting them from the OSS-fuzz project.

[0.24.5] Addresses OpenEXR OSS-fuzz issue 5747129672073216 that can cause heap corruption.

[0.24.4...] we now check that the ATK marker segment length (Latk) makes sense. The issue was identified in OpenEXR fuzzing.

[0.24.3] This is an important bug fix. It protects against illegally long QCD and QCC marker segments. It was discovered during OpenEXR fussing; thanx to [Cary Phillips].

Discovery 2025-10-29
Entry 2025-11-05
openjph

< 0.24.5

https://github.com/aous72/OpenJPH/releases