Information on source package openjpeg2

Available versions

ReleaseVersion
jessie (security)2.1.0-2+deb8u2
stretch2.1.2-1.1
sid2.1.2-1.1

Open issues

BugjessiestretchsidDescription
CVE-2016-9118vulnerablevulnerablevulnerableHeap Buffer Overflow (WRITE of size 4) in function pnmtoimage of ...
CVE-2016-9112vulnerablevulnerablevulnerableFloating Point Exception (aka FPE or divide by zero) in ...
CVE-2016-5158vulnerablevulnerablevulnerableMultiple integer overflows in the opj_tcd_init_tile function in tcd.c ...
CVE-2016-5157vulnerablefixedfixedHeap-based buffer overflow in the opj_dwt_interleave_v function in ...
CVE-2016-5152vulnerablevulnerablevulnerableInteger overflow in the opj_tcd_get_decoded_tile_size function in ...
CVE-2016-5139vulnerablefixedfixedMultiple integer overflows in the opj_tcd_init_tile function in tcd.c ...
CVE-2016-3183vulnerable (no DSA)fixedfixedThe sycc422_t_rgb function in common/color.c in OpenJPEG before 2.1.1 ...
CVE-2016-1923vulnerable (no DSA)fixedfixedHeap-based buffer overflow in the opj_j2k_update_image_data function ...
CVE-2016-1628vulnerablevulnerablevulnerablepi.c in OpenJPEG, as used in PDFium in Google Chrome before ...
CVE-2016-1626vulnerablevulnerablevulnerableThe opj_pi_update_decode_poc function in pi.c in OpenJPEG, as used in ...
CVE-2014-7947vulnerable (no DSA)fixedfixedOpenJPEG before r2944, as used in PDFium in Google Chrome before ...

Open unimportant issues

BugjessiestretchsidDescription
CVE-2016-9581vulnerablevulnerablevulnerableinfinite loop in tiftoimage resulting into heap buffer overflow in convert_32s_C1P1
CVE-2016-9580vulnerablevulnerablevulnerableinteger overflow in tiftoimage resulting into heap buffer overflow
CVE-2016-9117vulnerablevulnerablevulnerableNULL Pointer Access in function imagetopnm of convert.c(jp2):1289 in ...
CVE-2016-9116vulnerablevulnerablevulnerableNULL Pointer Access in function imagetopnm of convert.c:2226(jp2) in ...
CVE-2016-9115vulnerablevulnerablevulnerableHeap Buffer Over-read in function imagetotga of convert.c(jp2):942 in ...
CVE-2016-9114vulnerablevulnerablevulnerableThere is a NULL Pointer Access in function imagetopnm of ...
CVE-2016-9113vulnerablevulnerablevulnerableThere is a NULL pointer dereference in function imagetobmp of ...
CVE-2016-7445vulnerablefixedfixedconvert.c in OpenJPEG before 2.1.2 allows remote attackers to cause a ...

Resolved issues

BugDescription
CVE-2016-9573
CVE-2016-9572
CVE-2016-8332A buffer overflow in OpenJPEG 2.1.1 causes arbitrary code execution ...
CVE-2016-7163Integer overflow in the opj_pi_create_decode function in pi.c in ...
CVE-2016-5159Multiple integer overflows in OpenJPEG, as used in PDFium in Google ...
CVE-2016-4797Divide-by-zero vulnerability in the opj_tcd_init_tile function in ...
CVE-2016-4796Heap-based buffer overflow in the color_cmyk_to_rgb in common/color.c ...
CVE-2016-3182Heap Corruption in opj_free function
CVE-2016-3181Out-Of-Bounds Read in opj_tcd_free_tile function
CVE-2016-1924The opj_tgt_reset function in OpenJpeg 2016.1.18 allows remote ...
CVE-2015-8871Use-after-free vulnerability in the opj_j2k_write_mco function in ...
CVE-2015-6581Double free vulnerability in the ...

Security announcements

DSA / DLADescription
DSA-3768-1openjpeg2 - security update
DSA-3665-1openjpeg2 - security update

Search for package or bug name: Reporting problems