Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 593826 - media-libs/openjpeg: multiple vulnerabilities
Summary: media-libs/openjpeg: multiple vulnerabilities
Status: RESOLVED DUPLICATE of bug 560632
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2016-09-14 22:44 UTC by Ian Zimmerman
Modified: 2016-09-16 03:09 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Ian Zimmerman 2016-09-14 22:44:22 UTC 
Debian summary [1]:

Multiple vulnerabilities in OpenJPEG, a JPEG 2000 image compression / decompression library, may result in denial of service or the execution of arbitrary code if a malformed JPEG 2000 file is processed.

Upstream patches:

https://github.com/uclouvain/openjpeg/commit/0fa5a17c98c4b8f9ee2286f4f0a50cf52a5fccb0

https://github.com/uclouvain/openjpeg/commit/1a8318f6c24623189ecb65e049267c6f2e005c0e

https://github.com/uclouvain/openjpeg/commit/c16bc057ba3f125051c9966cf1f5b68a05681de4

https://github.com/uclouvain/openjpeg/commit/ef01f18dfc6780b776d0674ed3e7415c6ef54d24

[1]
https://www.debian.org/security/2016/dsa-3665

(Note that CVE-2015-8871, also included in this DSA, is Gentoo bug #560632.)
Comment 1 Yury German Gentoo Infrastructure gentoo-dev 2016-09-16 03:09:00 UTC 
This is duplicate of the following:
Bug #560632, 572430

*** This bug has been marked as a duplicate of bug 560632 ***