Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Fedora 27: 2018-64d64bd05e Moderate: OpenJPEG2 Integer Overflow

fedora
Calendar Grey October 14, 2018
Dist Fedora Esm H88
This notice pertains to CVE-2021-2345 concerning Ubuntu 20.04's libjpeg-turbo package, providing essential corrections and information.
This update fixes CVE-2018-5785.

Summary

The OpenJPEG library is an open-source JPEG 2000 library developed in order to

promote the use of JPEG 2000.

This package contains

* JPEG 2000 codec compliant with the Part 1 of the standard (Class-1 Profile-1

compliance).

* JP2 (JPEG 2000 standard Part 2 - Handling of JP2 boxes and extended multiple

component transforms for multispectral and hyperspectral imagery)

This update fixes CVE-2018-5785.

* Thu Oct 4 2018 Sandro Mani - 2.3.0-9

- Backport patch for CVE-2018-5785 (#1537758)

* Fri Jul 13 2018 Fedora Release Engineering - 2.3.0-8

- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild

* Wed Mar 7 2018 Sandro Mani - 2.3.0-7

- BR: gcc-c++

* Mon Feb 19 2018 Sandro Mani - 2.3.0-6

- Add missing BR: gcc, make

* Thu Feb 8 2018 Fedora Release Engineering - 2.3.0-5

- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild

* Sat Feb 3 2018 Igor Gnatenko - 2.3.0-4

- Switch to %ldconfig_scriptlets

* Mon Dec 25 2017 Sandro Mani - 2.3.0-3

- Rename tool names at cmake level to ensure OpenJPEGTargets.cmake refers to the renamed files

* Mon Dec 25 2017 Sandro Mani - 2.3.0-2

- Use BUILD_STATIC_LIBS=OFF instead of deleting the static library after build

[ 1 ] Bug #1537758 - CVE-2018-5785 openjpeg: integer overflow in opj_j2k_setup_encoder function in openjp2/j2k.c

https://bugzilla.redhat.com/show_bug.cgi?id=1537758

su -c 'dnf upgrade --advisory FEDORA-2018-64d64bd05e' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Topics%20covered

Topics Covered

security advisory Fedora package update security fix integer overflow moderate risk openjpeg2

Change Log

References

Update Instructions

Severity
important
Lowest
Low
Medium
High
Critical

Product: Fedora 27
Version: 2.3.0
Release: 9.fc27
URL: https://github.com/uclouvain/openjpeg
Summary: C-Library for JPEG 2000

Topics%20covered

Topics Covered

security advisory Fedora package update security fix integer overflow moderate risk openjpeg2

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here