[ubuntu/xenial-security] openjpeg2 2.1.2-1.1+deb9u2build0.1 (Accepted)

Eduardo dos Santos Barretto eduardo.barretto at canonical.com
Mon Sep 3 15:07:06 UTC 2018 

openjpeg2 (2.1.2-1.1+deb9u2build0.1) xenial-security; urgency=medium

  * SECURITY UPDATE: sync from Debian stretch-security
    - Ubuntu changes were applied upstream, so dropping.

openjpeg2 (2.1.2-1.1+deb9u2) stretch-security; urgency=medium

  * Fix whitespace/indent mess
  * CVE-2017-14039: CVE-2017-14039.patch
  * CVE-2017-14040: 2cd30c2b06ce332dede81cccad8b334cde997281.patch
  * CVE-2017-14041: e5285319229a5d77bf316bb0d3a6cbd3cb8666d9.patch
  * CVE-2017-14151: afb308b9ccbe129608c9205cf3bb39bbefad90b9.patch
  * CVE-2017-14152: dcac91b8c72f743bda7dbfa9032356bc8110098a.patch

openjpeg2 (2.1.2-1.1+deb9u1) stretch-security; urgency=medium

  * CVE-2016-9118: c22cbd8bdf8ff2ae372f94391a4be2d322b36b41.patch
  * CVE-2016-5152: 3fbe71369019df0b47c7a2be4fab8c05768f2f32.patch
  * CVE-2016-1628: 11445eddad7e7fa5b273d1c83c91011c44e5d586.patch
  * CVE-2016-10504: 397f62c0a838e15d667ef50e27d5d011d2c79c04.patch

openjpeg2 (2.1.2-1.1) unstable; urgency=medium

  * Non-maintainer upload.
  * Add CVE-2016-9572_CVE-2016-9573.patch patch.
    CVE-2016-9572: NULL pointer dereference in input decoding
    CVE-2016-9573: Heap out-of-bounds read due to insufficient check in
    imagetopnm(). (Closes: #851422)

openjpeg2 (2.1.2-1) unstable; urgency=medium

  * New upstream. Closes: #839120
  * Fix CVE-2016-7163. Closes: #837604
  * Fix CVE-2016-7445. Closes: #838690
  * Remove patches applied upstream:

openjpeg2 (2.1.1-1) unstable; urgency=medium

  * New upstream. Closes: #829734
    + d/watch points toward github now
    + Fix man page typos. Closes: #772889, #784377
    + Raise priority to optional. Closes: #822577
    + Fix multiple CVEs: Closes: #800453, #800149, #818399
  * Fix pc file. Closes: #787383
  * Remove reference to contrib. Closes: #820190
  * Bump Std-Vers to 3.9.8, no changes needed

Date: 2018-08-31 18:50:24.019443+00:00
Changed-By: Eduardo dos Santos Barretto <eduardo.barretto at canonical.com>
https://launchpad.net/ubuntu/+source/openjpeg2/2.1.2-1.1+deb9u2build0.1
-------------- next part --------------
Sorry, changesfile not available.

More information about the Xenial-changes mailing list