Updated openjpeg2 packages fix security vulnerabilities
Publication date: 24 Aug 2017Type: security
Affected Mageia releases : 5 , 6
Description
Patches from upstream have been added to fix two heap-based buffer overflows and a memory allocation failure.
References
- https://bugs.mageia.org/show_bug.cgi?id=21572
- https://blogs.gentoo.org/ago/2017/08/16/openjpeg-heap-based-buffer-overflow-in-opj_write_bytes_le-cio-c/
- https://blogs.gentoo.org/ago/2017/08/14/openjpeg-memory-allocation-failure-in-opj_aligned_alloc_n-opj_malloc-c/
- https://blogs.gentoo.org/ago/2017/08/16/openjpeg-heap-based-buffer-overflow-in-opj_mqc_flush-mqc-c/
SRPMS
5/core
- openjpeg2-2.2.0-1.1.mga5
6/core
- openjpeg2-2.2.0-1.1.mga6