-
openjpeg2 (2.3.0-2build0.19.04.1) disco-security; urgency=medium
* No change rebuild.
-- Eduardo Barretto <email address hidden> Mon, 21 Oct 2019 10:07:27 -0300
-
openjpeg2 (2.3.0-2) unstable; urgency=high
[ Hugo Lefeuvre ]
* CVE-2017-17480: stack-based buffer overflow in the pgxtovolume function in
jp3d/convert.c (Closes: #884738).
* CVE-2018-14423: division-by-zero in pi_next_pcrl, pi_next_cprl, and
pi_next_rpcl in lib/openjp3d/pi.c (Closes: #904873).
* CVE-2018-18088: null pointer dereference in imagetopnm in jp2/convert.c
(Closes: #910763).
* CVE-2018-5785: integer overflow caused by an out-of-bounds left shift in the
opj_j2k_setup_encoder function (openjp2/j2k.c) (Closes: #888533).
* CVE-2018-6616: excessive iteration in the opj_t1_encode_cblks function of
openjp2/t1.c (Closes: #889683).
[ Mathieu Malaterre ]
* Add Hugo as Uploader
-- Mathieu Malaterre <email address hidden> Sun, 10 Mar 2019 18:34:51 +0100
-
openjpeg2 (2.3.0-1.1) unstable; urgency=medium
* Non-maintainer upload.
* Fix "FTBFS with Java 9 due to -source/-target only":
apply patch by Markus Koschany to build with Java 9 or later.
(Closes: #873997)
-- gregor herrmann <email address hidden> Sun, 02 Dec 2018 18:18:22 +0100
-
openjpeg2 (2.3.0-1) unstable; urgency=medium
* New upstream release. Closes: #877758
* Drop explicit -dbg package. Closes: #877676
* Fix CVE-2017-14041. Closes: #874115
* Fix CVE-2017-14151. Closes: #874430
* Fix CVE-2017-14152. Closes: #874431
-- Mathieu Malaterre <email address hidden> Mon, 16 Oct 2017 07:43:41 +0200
