Debian: DSA-4013-1: openjpeg2 security update
Debian: DSA-4013-1: openjpeg2 security update
Multiple vulnerabilities in OpenJPEG, a JPEG 2000 image compression / decompression library, may result in denial of service or the execution of arbitrary code if a malformed JPEG 2000 file is processed.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4013-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Moritz Muehlenhoff October 31, 2017 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : openjpeg2 CVE ID : CVE-2016-1628 CVE-2016-5152 CVE-2016-5157 CVE-2016-9118 CVE-2016-10504 CVE-2017-14039 CVE-2017-14040 CVE-2017-14041 CVE-2017-14151 CVE-2017-14152 Multiple vulnerabilities in OpenJPEG, a JPEG 2000 image compression / decompression library, may result in denial of service or the execution of arbitrary code if a malformed JPEG 2000 file is processed. For the oldstable distribution (jessie), these problems have been fixed in version 2.1.0-2+deb8u3. For the stable distribution (stretch), these problems have been fixed in version 2.1.2-1.1+deb9u2. We recommend that you upgrade your openjpeg2 packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.