[ubuntu/jammy-updates] openjpeg2 2.4.0-6ubuntu0.3 (Accepted)

Wed Jan 22 15:59:21 UTC 2025

openjpeg2 (2.4.0-6ubuntu0.3) jammy-security; urgency=medium

  * SECURITY UPDATE: Heap buffer overflow.
    - debian/patches/CVE-2024-56826.patch: Add comp12w variable and
      comparisons in src/bin/common/color.c.
    - debian/patches/CVE-2024-56827.patch: Add l_current_tile_part comparison
      to check again total number of tile parts in src/bin/openjp2/j2k.c.
    - CVE-2024-56826
    - CVE-2024-56827

Date: 2025-01-21 21:27:17.360922+00:00
Changed-By: Hlib Korzhynskyy <hlib.korzhynskyy at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/openjpeg2/2.4.0-6ubuntu0.3
-------------- next part --------------
Sorry, changesfile not available.