Univention Bugzilla – Bug 52079
(ES 4.3) openjpeg2
Last modified: 2020-11-30 12:42:06 CET
Provide openjpeg2 version 2.1.2-1.1+deb9u5 for UCS 4.3 First imported at bug #51710 This update addresses the following issues: * Denial of service in function opj_t1_encode_cblks in openjp2/t1.c (CVE-2019-12973) * Heap-based buffer overflow in opj_t1_clbl_decode_processor() (CVE-2020-6851) * Heap-based buffer overflow in pj_t1_clbl_decode_processor in openjp2/t1.c (CVE-2020-8112) * Use-after-free and double-free via a mix of valid and invalid files in a directory operated on by the decompressor (CVE-2020-15389)
-> apt-cache policy libopenjp2-7 libopenjp2-7: Installiert: 2.1.2-1.1+deb9u5 Installationskandidat: 2.1.2-1.1+deb9u5 Versionstabelle: *** 2.1.2-1.1+deb9u5 500 500 http://192.168.0.10/build2 ucs_4.3-0-extsec4.3/amd64/ Packages
CLOSED: Released as extsec4.3 update