Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 593826

Summary: media-libs/openjpeg: multiple vulnerabilities
Product: Gentoo Security Reporter: Ian Zimmerman <nobrowser>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED DUPLICATE    
Severity: normal    
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---

Description Ian Zimmerman 2016-09-14 22:44:22 UTC 
Debian summary [1]:

Multiple vulnerabilities in OpenJPEG, a JPEG 2000 image compression / decompression library, may result in denial of service or the execution of arbitrary code if a malformed JPEG 2000 file is processed.

Upstream patches:

https://github.com/uclouvain/openjpeg/commit/0fa5a17c98c4b8f9ee2286f4f0a50cf52a5fccb0

https://github.com/uclouvain/openjpeg/commit/1a8318f6c24623189ecb65e049267c6f2e005c0e

https://github.com/uclouvain/openjpeg/commit/c16bc057ba3f125051c9966cf1f5b68a05681de4

https://github.com/uclouvain/openjpeg/commit/ef01f18dfc6780b776d0674ed3e7415c6ef54d24

[1]
https://www.debian.org/security/2016/dsa-3665

(Note that CVE-2015-8871, also included in this DSA, is Gentoo bug #560632.)
Comment 1 Yury German Gentoo Infrastructure gentoo-dev 2016-09-16 03:09:00 UTC 
This is duplicate of the following:
Bug #560632, 572430

*** This bug has been marked as a duplicate of bug 560632 ***