Description: CVE-2016-1577: Prevent double-free in jas_iccattrval_destroy() Author: Tyler Hicks Bug-Ubuntu: https://launchpad.net/bugs/1547865 From: http://seclists.org/oss-sec/2016/q1/att-507/CVE-2016-1577.patch Signed-off-by: Gustavo Zacarias --- jasper-1.900.1-debian1.orig/src/libjasper/base/jas_icc.c +++ jasper-1.900.1-debian1/src/libjasper/base/jas_icc.c @@ -300,6 +300,7 @@ jas_iccprof_t *jas_iccprof_load(jas_stre if (jas_iccprof_setattr(prof, tagtabent->tag, attrval)) goto error; jas_iccattrval_destroy(attrval); + attrval = 0; } else { #if 0 jas_eprintf("warning: skipping unknown tag type\n");