Information on source package openjpeg2

Available versions

ReleaseVersion
jessie (security)2.1.0-2+deb8u3
stretch (security)2.1.2-1.1+deb9u2
buster2.3.0-1
sid2.3.0-1

Open issues

BugjessiestretchbustersidDescription
CVE-2017-17480vulnerablevulnerablevulnerablevulnerableIn OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the ...
CVE-2017-17479vulnerablevulnerablevulnerablevulnerableIn OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the ...
CVE-2016-9112vulnerable (no DSA)vulnerable (no DSA)fixedfixedFloating Point Exception (aka FPE or divide by zero) in ...
CVE-2016-5158vulnerablefixedfixedfixedMultiple integer overflows in the opj_tcd_init_tile function in tcd.c ...
CVE-2016-5139vulnerablefixedfixedfixedMultiple integer overflows in the opj_tcd_init_tile function in tcd.c ...
CVE-2016-3183vulnerable (no DSA)fixedfixedfixedThe sycc422_t_rgb function in common/color.c in OpenJPEG before 2.1.1 ...
CVE-2016-1923vulnerable (no DSA)fixedfixedfixedHeap-based buffer overflow in the opj_j2k_update_image_data function ...
CVE-2016-1626vulnerablevulnerablefixedfixedThe opj_pi_update_decode_poc function in pi.c in OpenJPEG, as used in ...
CVE-2015-1239vulnerablefixedfixedfixedDouble free vulnerability in the j2k_read_ppm_v3 function in OpenJPEG ...
CVE-2014-7947vulnerable (no DSA)fixedfixedfixedOpenJPEG before r2944, as used in PDFium in Google Chrome before ...

Open unimportant issues

BugjessiestretchbustersidDescription
CVE-2017-12982vulnerablevulnerablevulnerablevulnerableThe bmp_read_info_header function in bin/jp2/convertbmp.c in OpenJPEG ...
CVE-2016-9581vulnerablevulnerablevulnerablevulnerableinfinite loop in tiftoimage resulting into heap buffer overflow in convert_32s_C1P1
CVE-2016-9580vulnerablevulnerablevulnerablevulnerableinteger overflow in tiftoimage resulting into heap buffer overflow
CVE-2016-9117vulnerablevulnerablevulnerablevulnerableNULL Pointer Access in function imagetopnm of convert.c(jp2):1289 in ...
CVE-2016-9116vulnerablevulnerablevulnerablevulnerableNULL Pointer Access in function imagetopnm of convert.c:2226(jp2) in ...
CVE-2016-9115vulnerablevulnerablevulnerablevulnerableHeap Buffer Over-read in function imagetotga of convert.c(jp2):942 in ...
CVE-2016-9114vulnerablevulnerablevulnerablevulnerableThere is a NULL Pointer Access in function imagetopnm of ...
CVE-2016-9113vulnerablevulnerablevulnerablevulnerableThere is a NULL pointer dereference in function imagetobmp of ...
CVE-2016-7445vulnerablefixedfixedfixedconvert.c in OpenJPEG before 2.1.2 allows remote attackers to cause a ...
CVE-2016-10506vulnerablevulnerablevulnerablevulnerableDivision-by-zero vulnerabilities in the functions opj_pi_next_cprl, ...
CVE-2016-10505vulnerablevulnerablevulnerablevulnerableNULL pointer dereference vulnerabilities in the imagetopnm function in ...

Resolved issues

BugDescription
CVE-2017-14164A size-validation issue was discovered in opj_j2k_write_sot in ...
CVE-2017-14152A mishandled zero case was discovered in opj_j2k_set_cinema_parameters ...
CVE-2017-14151An off-by-one error was discovered in ...
CVE-2017-14041A stack-based buffer overflow was discovered in the pgxtoimage function ...
CVE-2017-14040An invalid write access was discovered in bin/jp2/convert.c in OpenJPEG ...
CVE-2017-14039A heap-based buffer overflow was discovered in the opj_t2_encode_packet ...
CVE-2016-9573
CVE-2016-9572
CVE-2016-9118Heap Buffer Overflow (WRITE of size 4) in function pnmtoimage of ...
CVE-2016-8332A buffer overflow in OpenJPEG 2.1.1 causes arbitrary code execution ...
CVE-2016-7163Integer overflow in the opj_pi_create_decode function in pi.c in ...
CVE-2016-5159Multiple integer overflows in OpenJPEG, as used in PDFium in Google ...
CVE-2016-5157Heap-based buffer overflow in the opj_dwt_interleave_v function in ...
CVE-2016-5152Integer overflow in the opj_tcd_get_decoded_tile_size function in ...
CVE-2016-4797Divide-by-zero vulnerability in the opj_tcd_init_tile function in ...
CVE-2016-4796Heap-based buffer overflow in the color_cmyk_to_rgb in common/color.c ...
CVE-2016-3182Heap Corruption in opj_free function
CVE-2016-3181Out-Of-Bounds Read in opj_tcd_free_tile function
CVE-2016-1924The opj_tgt_reset function in OpenJpeg 2016.1.18 allows remote ...
CVE-2016-1628pi.c in OpenJPEG, as used in PDFium in Google Chrome before ...
CVE-2016-10507Integer overflow vulnerability in the bmp24toimage function in ...
CVE-2016-10504Heap-based buffer overflow vulnerability in the opj_mqc_byteout ...
CVE-2015-8871Use-after-free vulnerability in the opj_j2k_write_mco function in ...
CVE-2015-6581Double free vulnerability in the ...

Security announcements

DSA / DLADescription
DSA-4013-1openjpeg2 - security update
DSA-4013-1openjpeg2 - security update
DSA-3768-1openjpeg2 - security update
DSA-3665-1openjpeg2 - security update

Search for package or bug name: Reporting problems