Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 551
Alerts This Week
Warning Icon 1 551

Fedora 25: 2016-bc8d3f1650 High: LibXYZ Memory Leak Vulnerability

fedora
Calendar Grey October 9, 2016
Dist Fedora Esm H88
The recent upgrade to openjpeg2, specifically version 2.1.2, rectifies vulnerabilities associated with JPEG 2000 management within the Fedora 23 platform.
Update to version 2.1.2, see https://github.com/uclouvain/openjpeg/blob/v2.1.2/CHANGELOG.md for details.

Summary

The OpenJPEG library is an open-source JPEG 2000 library developed in order to

promote the use of JPEG 2000.

This package contains

* JPEG 2000 codec compliant with the Part 1 of the standard (Class-1 Profile-1

compliance).

* JP2 (JPEG 2000 standard Part 2 - Handling of JP2 boxes and extended multiple

component transforms for multispectral and hyperspectral imagery)

Update Information:

Update to version 2.1.2, see https://github.com/uclouvain/openjpeg/blob/v2.1.2/CHANGELOG.md for details.

Change Log

References


[ 1 ] Bug #1377345 - CVE-2016-7445 openjpeg2: Null pointer dereference in convert.c https://bugzilla.redhat.com/show_bug.cgi?id=1377345

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update openjpeg2' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
important
Lowest
Low
Medium
High
Critical

Name: openjpeg2
Product: Fedora 23
Version: 2.1.2
Release: 1.fc23
Summary: C-Library for JPEG 2000

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.