Updated openjpeg2 packages fix security vulnerability
Publication date: 06 Dec 2019Modification date: 06 Dec 2019
Type: security
Affected Mageia releases : 7
CVE: CVE-2019-12973
Description
The updated packages fix a security vulnerability:
In OpenJPEG 2.3.1, there is excessive iteration in the opj_t1_encode_cblks
function of openjp2/t1.c. Remote attackers could leverage this
vulnerability to cause a denial of service via a crafted bmp file. This
issue is similar to CVE-2018-6616. (CVE-2019-12973)
References
SRPMS
7/core
- openjpeg2-2.3.1-1.1.mga7