| Summary: | media-libs/openjpeg : Heap-based buffer overflow in JPEG2000 image tile decoder | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED DUPLICATE | ||
| Severity: | major | CC: | graphics+disabled |
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | https://bugzilla.redhat.com/show_bug.cgi?id=1082925 | ||
| Whiteboard: | A2 [upstream] | ||
| Package list: | Runtime testing required: | --- | |
*** This bug has been marked as a duplicate of bug 493662 *** (In reply to Samuli Suominen from comment #1) > > *** This bug has been marked as a duplicate of bug 493662 *** This is why this CVE is a duplicate: http://bugzilla.redhat.com/show_bug.cgi?id=1082925#c10 http://www.openwall.com/lists/oss-security/2014/04/02/2 |
From ${URL} : A heap-based buffer overflow was found in the way openjpeg parsed certain image files from a JPEG2000 image. If a specially-crafted image were opened by an application linked against OpenJPEG, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.