Advisories » MGASA-2017-0299

Updated openjpeg2 packages fix security vulnerabilities

Publication date: 24 Aug 2017
Type: security
Affected Mageia releases : 5 , 6

Description

Patches from upstream have been added to fix two heap-based buffer
overflows and a memory allocation failure.
                

References

• https://bugs.mageia.org/show_bug.cgi?id=21572
• https://blogs.gentoo.org/ago/2017/08/16/openjpeg-heap-based-buffer-overflow-in-opj_write_bytes_le-cio-c/
• https://blogs.gentoo.org/ago/2017/08/14/openjpeg-memory-allocation-failure-in-opj_aligned_alloc_n-opj_malloc-c/
• https://blogs.gentoo.org/ago/2017/08/16/openjpeg-heap-based-buffer-overflow-in-opj_mqc_flush-mqc-c/

SRPMS

5/core

• openjpeg2-2.2.0-1.1.mga5

6/core

• openjpeg2-2.2.0-1.1.mga6