Revision history [back]
 | 1 | initial version | posted 2020-03-02 11:53:52 +0200  |
update openjpeg to openjpeg-2.3.1-1ubuntu4 to fix CVE-2019-12973 CVE-2020-6851 CVE-2020-8112 CVE-2018-20847 CVE-2018-21010 CVE-2018-5727 CVE-2017-17480 CVE-2018-14423 CVE-2018-18088 CVE-2018-5785 CVE-2018-6616 critical remote
https://launchpad.net/ubuntu/+source/openjpeg2/2.3.1-1ubuntu4
- SECURITY UPDATE: denial of service via excessive iteration
- debian/patches/CVE-2019-12973-1.patch: detect invalid file dimensions early in src/bin/jp2/convertbmp.c.
- debian/patches/CVE-2019-12973-2.patch: avoid potential infinite loop in src/bin/jp2/convertbmp.c.
- CVE-2019-12973
- SECURITY UPDATE: heap overflow in opj_t1_clbl_decode_processor
- debian/patches/CVE-2020-6851.patch: reject images whose coordinates are beyond INT_MAX in src/lib/openjp2/j2k.c.
- CVE-2020-6851
- SECURITY UPDATE: another heap overflow in opj_t1_clbl_decode_processor
- debian/patches/CVE-2020-8112.patch: avoid integer overflow in src/lib/openjp2/tcd.c.
- CVE-2020-8112
| | 2 | No.2 Revision |
update Update openjpeg to openjpeg-2.3.1-1ubuntu4 to fix CVE-2019-12973 CVE-2020-6851 CVE-2020-8112 CVE-2018-20847 CVE-2018-21010 CVE-2018-5727 CVE-2017-17480 CVE-2018-14423 CVE-2018-18088 CVE-2018-5785 CVE-2018-6616 critical remote
https://launchpad.net/ubuntu/+source/openjpeg2/2.3.1-1ubuntu4
- SECURITY UPDATE: denial of service via excessive iteration
- debian/patches/CVE-2019-12973-1.patch: detect invalid file dimensions early in src/bin/jp2/convertbmp.c.
- debian/patches/CVE-2019-12973-2.patch: avoid potential infinite loop in src/bin/jp2/convertbmp.c.
- CVE-2019-12973
- SECURITY UPDATE: heap overflow in opj_t1_clbl_decode_processor
- debian/patches/CVE-2020-6851.patch: reject images whose coordinates are beyond INT_MAX in src/lib/openjp2/j2k.c.
- CVE-2020-6851
- SECURITY UPDATE: another heap overflow in opj_t1_clbl_decode_processor
- debian/patches/CVE-2020-8112.patch: avoid integer overflow in src/lib/openjp2/tcd.c.
- CVE-2020-8112