Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 454
Alerts This Week
Warning Icon 1 454

Fedora 25: 2017-f6e3215f2b Critical: MinGW OpenJPEG2 Multiple Issues

fedora
Calendar Grey August 20, 2017
Dist Fedora Esm H88
Fedora 25 releases an update for mingw-openjpeg2, which resolves concerns such as floating point errors and various security vulnerabilities.
Update to version 2.2.0, see https://github.com/uclouvain/openjpeg/blob/v2.2.0/NEWS.md for details.

Summary

MinGW Windows openjpeg2 library.

Update to version 2.2.0, see

https://github.com/uclouvain/openjpeg/blob/v2.2.0/NEWS.md for details.

[ 1 ] Bug #1390235 - CVE-2016-9112 CVE-2016-9113 CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 mingw-openjpeg2: openjpeg2: Multiple security issues [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1390235

[ 2 ] Bug #1418151 - CVE-2016-9112 mingw-openjpeg: openjpeg2: Floating point exception vulnerability in openjpeg2 when processing untrusted images [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1418151

su -c 'dnf upgrade mingw-openjpeg2' at the command line.

For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Change Log

References

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Product: Fedora 25
Version: 2.2.0
Release: 1.fc25
Summary: MinGW Windows openjpeg2 library

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.