Updated openjpeg packages fix security vulnerability
Publication date: 02 May 2017Type: security
Affected Mageia releases : 5
CVE: CVE-2016-5139 , CVE-2016-5158 , CVE-2016-5159 , CVE-2016-7163 , CVE-2016-9573
Description
Multiple integer overflows in the opj_tcd_init_tile function in tcd.c in OpenJPEG, as used in PDFium in Google Chrome before 52.0.2743.116, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JPEG 2000 data. (CVE-2016-5139) Multiple integer overflows in the opj_tcd_init_tile function in tcd.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JPEG 2000 data. (CVE-2016-5158) Multiple integer overflows in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JPEG 2000 data that is mishandled during opj_aligned_malloc calls in dwt.c and t1.c. (CVE-2016-5159) Integer overflow in the opj_pi_create_decode function in pi.c in OpenJPEG allows remote attackers to execute arbitrary code via a crafted JP2 file, which triggers an out-of-bounds read or write. (CVE-2016-7163) An out-of-bounds read vulnerability was found in OpenJPEG, in the j2k_to_image tool. Converting a specially crafted JPEG2000 file to another format could cause the application to crash or, potentially, disclose some data from the heap. (CVE-2016-9573
References
- https://bugs.mageia.org/show_bug.cgi?id=20559
- https://rhn.redhat.com/errata/RHSA-2017-0838.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5139
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5158
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5159
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7163
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9573
SRPMS
5/core
- openjpeg-1.5.2-5.2.mga5