Updated openjpeg2 packages fix security vulnerabilities
Publication date: 05 Jan 2019Type: security
Affected Mageia releases : 6
CVE: CVE-2017-17479 , CVE-2017-17480 , CVE-2018-5785 , CVE-2018-6616 , CVE-2018-18088
Description
A stack-based buffer overflow in the pgxtoimage function in jpwl/convert.c could crash the converter (CVE-2017-17479). A stack-based buffer overflow in the pgxtovolume function in jp3d/convert.c could crash the converter (CVE-2017-17480). A flaw was found in OpenJPEG 2.3.0, there is an integer overflow caused by an out-of-bounds left shift in the opj_j2k_setup_encoder function (openjp2/j2k.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file (CVE-2018-5785). In OpenJPEG 2.3.0, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. Attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file (CVE-2018-6616). A flaw was found in OpenJPEG 2.3.0. A NULL pointer dereference for "red" in the imagetopnm function of jp2/convert.c (CVE-2018-18088).
References
- https://bugs.mageia.org/show_bug.cgi?id=23147
- https://lists.opensuse.org/opensuse-updates/2018-05/msg00086.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/HKAGXKPJ2Z4TMUR3TVLTQ7SMTTIYGJKK/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/JAZ5ZQP5XJ23SE3ECBP4QQF2CGMK6USD/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17479
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17480
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5785
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6616
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18088
SRPMS
6/core
- openjpeg2-2.2.0-1.3.mga6