Information on source package openjpeg2

Available versions

ReleaseVersion
jessie (security)2.1.0-2+deb8u2
stretch2.1.2-1.1
buster2.1.2-1.1
sid2.1.2-1.1

Open issues

BugjessiestretchbustersidDescription
CVE-2016-9118vulnerablevulnerablevulnerablevulnerableHeap Buffer Overflow (WRITE of size 4) in function pnmtoimage of ...
CVE-2016-9112vulnerablevulnerablevulnerablevulnerableFloating Point Exception (aka FPE or divide by zero) in ...
CVE-2016-5158vulnerablevulnerablevulnerablevulnerableMultiple integer overflows in the opj_tcd_init_tile function in tcd.c ...
CVE-2016-5157vulnerablefixedfixedfixedHeap-based buffer overflow in the opj_dwt_interleave_v function in ...
CVE-2016-5152vulnerablevulnerablevulnerablevulnerableInteger overflow in the opj_tcd_get_decoded_tile_size function in ...
CVE-2016-5139vulnerablefixedfixedfixedMultiple integer overflows in the opj_tcd_init_tile function in tcd.c ...
CVE-2016-3183vulnerable (no DSA)fixedfixedfixedThe sycc422_t_rgb function in common/color.c in OpenJPEG before 2.1.1 ...
CVE-2016-1923vulnerable (no DSA)fixedfixedfixedHeap-based buffer overflow in the opj_j2k_update_image_data function ...
CVE-2016-1628vulnerablevulnerablevulnerablevulnerablepi.c in OpenJPEG, as used in PDFium in Google Chrome before ...
CVE-2016-1626vulnerablevulnerablevulnerablevulnerableThe opj_pi_update_decode_poc function in pi.c in OpenJPEG, as used in ...
CVE-2014-7947vulnerable (no DSA)fixedfixedfixedOpenJPEG before r2944, as used in PDFium in Google Chrome before ...

Open unimportant issues

BugjessiestretchbustersidDescription
CVE-2016-9581vulnerablevulnerablevulnerablevulnerableinfinite loop in tiftoimage resulting into heap buffer overflow in convert_32s_C1P1
CVE-2016-9580vulnerablevulnerablevulnerablevulnerableinteger overflow in tiftoimage resulting into heap buffer overflow
CVE-2016-9117vulnerablevulnerablevulnerablevulnerableNULL Pointer Access in function imagetopnm of convert.c(jp2):1289 in ...
CVE-2016-9116vulnerablevulnerablevulnerablevulnerableNULL Pointer Access in function imagetopnm of convert.c:2226(jp2) in ...
CVE-2016-9115vulnerablevulnerablevulnerablevulnerableHeap Buffer Over-read in function imagetotga of convert.c(jp2):942 in ...
CVE-2016-9114vulnerablevulnerablevulnerablevulnerableThere is a NULL Pointer Access in function imagetopnm of ...
CVE-2016-9113vulnerablevulnerablevulnerablevulnerableThere is a NULL pointer dereference in function imagetobmp of ...
CVE-2016-7445vulnerablefixedfixedfixedconvert.c in OpenJPEG before 2.1.2 allows remote attackers to cause a ...

Resolved issues

BugDescription
CVE-2016-9573
CVE-2016-9572
CVE-2016-8332A buffer overflow in OpenJPEG 2.1.1 causes arbitrary code execution ...
CVE-2016-7163Integer overflow in the opj_pi_create_decode function in pi.c in ...
CVE-2016-5159Multiple integer overflows in OpenJPEG, as used in PDFium in Google ...
CVE-2016-4797Divide-by-zero vulnerability in the opj_tcd_init_tile function in ...
CVE-2016-4796Heap-based buffer overflow in the color_cmyk_to_rgb in common/color.c ...
CVE-2016-3182Heap Corruption in opj_free function
CVE-2016-3181Out-Of-Bounds Read in opj_tcd_free_tile function
CVE-2016-1924The opj_tgt_reset function in OpenJpeg 2016.1.18 allows remote ...
CVE-2015-8871Use-after-free vulnerability in the opj_j2k_write_mco function in ...
CVE-2015-6581Double free vulnerability in the ...

Security announcements

DSA / DLADescription
DSA-3768-1openjpeg2 - security update
DSA-3665-1openjpeg2 - security update

Search for package or bug name: Reporting problems