Updated openjpeg2 packages fix security vulnerabilities
Publication date: 05 Jan 2019Type: security
Affected Mageia releases : 6
CVE: CVE-2017-17479 , CVE-2017-17480 , CVE-2018-5785 , CVE-2018-6616 , CVE-2018-18088
Description
A stack-based buffer overflow in the pgxtoimage function in
jpwl/convert.c could crash the converter (CVE-2017-17479).
A stack-based buffer overflow in the pgxtovolume function in
jp3d/convert.c could crash the converter (CVE-2017-17480).
A flaw was found in OpenJPEG 2.3.0, there is an integer overflow caused
by an out-of-bounds left shift in the opj_j2k_setup_encoder function
(openjp2/j2k.c). Remote attackers could leverage this vulnerability to
cause a denial of service via a crafted bmp file (CVE-2018-5785).
In OpenJPEG 2.3.0, there is excessive iteration in the
opj_t1_encode_cblks function of openjp2/t1.c. Attackers could leverage
this vulnerability to cause a denial of service via a crafted bmp file
(CVE-2018-6616).
A flaw was found in OpenJPEG 2.3.0. A NULL pointer dereference for "red"
in the imagetopnm function of jp2/convert.c (CVE-2018-18088).
References
- https://bugs.mageia.org/show_bug.cgi?id=23147
- https://lists.opensuse.org/opensuse-updates/2018-05/msg00086.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/HKAGXKPJ2Z4TMUR3TVLTQ7SMTTIYGJKK/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/JAZ5ZQP5XJ23SE3ECBP4QQF2CGMK6USD/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17479
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17480
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5785
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6616
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18088
SRPMS
6/core
- openjpeg2-2.2.0-1.3.mga6