Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Debian 8 Jessie DLA-1433-1 Critical Update: Openjpeg2 DoS Vulnerability Fix

debian lts
Calendar Grey July 19, 2018
Dist Debian Esm H88
Update openjpeg2 to address denial of service vulnerabilities in Debian 8 Jessie, specifically with the release 2.1.0-2+deb8u4 to bolster system security.
CVE-2015-1239 Fix for denial of service (process crash) via a crafted PDF

Summary

CVE-2015-1239
Fix for denial of service (process crash) via a crafted PDF.

CVE-2016-5139
Fix for integer overflows, allowing a denial of service
(heap-based buffer overflow) or possibly have unspecified
other impact via crafted JPEG 2000 data.


For Debian 8 "Jessie", these problems have been fixed in version
2.1.0-2+deb8u4.

We recommend that you upgrade your openjpeg2 packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS



Severity
critical
Lowest
Low
Medium
High
Critical

Package: openjpeg2
Version: 2.1.0-2+deb8u4
CVE ID: CVE-2015-1239 CVE-2016-5139

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here