Summary: | <media-libs/openjpeg-2.2.0: Two flaws in the way openjpeg decompress certain input images (CVE-2016-{9572,9573}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Thomas Deutschmann (RETIRED) <whissi> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | graphics+disabled, slawomir.nizio |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B3 [glsa cve] | ||
Package list: |
=media-libs/openjpeg-2.2.0
|
Runtime testing required: | --- |
Bug Depends on: | 602180 | ||
Bug Blocks: |
Description
Thomas Deutschmann (RETIRED)
2017-01-20 15:58:35 UTC
It's great to have those bugs tracked here, but just FTR there are still dozens of unfixed security bugs that come from fuzzing. Both issues were fixed in >=media-libs/openjpeg-2.2.0. Stabilization will happen in bug 602180. This issue was resolved and addressed in GLSA 201710-26 at https://security.gentoo.org/glsa/201710-26 by GLSA coordinator Aaron Bauman (b-man). |