[ubuntu/disco-proposed] openjpeg2 2.3.0-2 (Accepted)

Jeremy Bicha jeremy at bicha.net
Mon Mar 11 01:25:31 UTC 2019

openjpeg2 (2.3.0-2) unstable; urgency=high

  [ Hugo Lefeuvre ]
  * CVE-2017-17480: stack-based buffer overflow in the pgxtovolume function in
    jp3d/convert.c (Closes: #884738).
  * CVE-2018-14423: division-by-zero in pi_next_pcrl, pi_next_cprl, and
    pi_next_rpcl in lib/openjp3d/pi.c (Closes: #904873).
  * CVE-2018-18088: null pointer dereference in imagetopnm in jp2/convert.c
    (Closes: #910763).
  * CVE-2018-5785: integer overflow caused by an out-of-bounds left shift in the
    opj_j2k_setup_encoder function (openjp2/j2k.c) (Closes: #888533).
  * CVE-2018-6616: excessive iteration in the opj_t1_encode_cblks function of
    openjp2/t1.c (Closes: #889683).

  [ Mathieu Malaterre ]
  * Add Hugo as Uploader

Date: 2019-03-10 22:37:33.916035+00:00
Signed-By: Jeremy Bicha <jeremy at bicha.net>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Disco-changes mailing list