Summary: | <media-libs/openjpeg-2.3.0: Heap buffer overflow (CVE-2017-14164) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | D'juan McDonald (domhnall) <flopwiki> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | graphics+disabled |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://blogs.gentoo.org/ago/2017/09/06/heap-based-buffer-overflow-in-opj_write_bytes_le-cio-c-incomplete-fix-for-cve-2017-14152/ | ||
Whiteboard: | B3 [glsa+ cve] | ||
Package list: | Runtime testing required: | --- |
Description
D'juan McDonald (domhnall)
2017-09-06 21:35:14 UTC
@maintainer(s), after bump, please call stabilization if needed, thank you. Daj Uan (jmbailey/mbailey_j) Gentoo Security Padawan Hi, it is appreciate that you file the security bugs. I'd like if in the summary was reported the nature of the issue instead of the impact, so in this case heap buffer overflow. This issue was resolved and addressed in GLSA 201710-26 at https://security.gentoo.org/glsa/201710-26 by GLSA coordinator Aaron Bauman (b-man). re-opened for cleanup. @maintainers ping. please let us know when tree is clean from <openjpeg-2.3.0 (In reply to Agostino Sarubbo from comment #2) > Hi, it is appreciate that you file the security bugs. I'd like if in the > summary was reported the nature of the issue instead of the impact, so in > this case heap buffer overflow. Sorry, I missed your comment, Ago. Tree is clean. |