Debian summary [1]: Multiple vulnerabilities in OpenJPEG, a JPEG 2000 image compression / decompression library, may result in denial of service or the execution of arbitrary code if a malformed JPEG 2000 file is processed. Upstream patches: https://github.com/uclouvain/openjpeg/commit/0fa5a17c98c4b8f9ee2286f4f0a50cf52a5fccb0 https://github.com/uclouvain/openjpeg/commit/1a8318f6c24623189ecb65e049267c6f2e005c0e https://github.com/uclouvain/openjpeg/commit/c16bc057ba3f125051c9966cf1f5b68a05681de4 https://github.com/uclouvain/openjpeg/commit/ef01f18dfc6780b776d0674ed3e7415c6ef54d24 [1] https://www.debian.org/security/2016/dsa-3665 (Note that CVE-2015-8871, also included in this DSA, is Gentoo bug #560632.)
This is duplicate of the following: Bug #560632, 572430 *** This bug has been marked as a duplicate of bug 560632 ***