Change logs for openjpeg2 source package in Focal

  • openjpeg2 (2.3.1-1ubuntu4.20.04.1) focal-security; urgency=medium
    
      * SECURITY UPDATE: use-after-free via directory
        - debian/patches/CVE-2020-15389.patch: fix double-free on input
          directory with mix of valid and invalid images in
          src/bin/jp2/opj_decompress.c.
        - CVE-2020-15389
      * SECURITY UPDATE: heap-buffer-overflow
        - debian/patches/CVE-2020-27814-1.patch: grow buffer size in
          src/lib/openjp2/tcd.c.
        - debian/patches/CVE-2020-27814-2.patch: grow it again
        - debian/patches/CVE-2020-27814-3.patch: and some more
        - debian/patches/CVE-2020-27814-4.patch: bigger, BIGGER!!!
        - CVE-2020-27814
      * SECURITY UPDATE: heap-buffer-overflow write
        - debian/patches/CVE-2020-27823.patch: fix wrong computation in
          src/bin/jp2/convertpng.c.
        - CVE-2020-27823
      * SECURITY UPDATE: global-buffer-overflow
        - debian/patches/CVE-2020-27824.patch: avoid global buffer overflow on
          irreversible conversion when too many decomposition levels are
          specified in src/lib/openjp2/dwt.c.
        - CVE-2020-27824
      * SECURITY UPDATE: out-of-bounds read
        - debian/patches/CVE-2020-27841.patch: add extra checks to
          src/lib/openjp2/pi.c, src/lib/openjp2/pi.h, src/lib/openjp2/t2.c.
        - CVE-2020-27841
      * SECURITY UPDATE: null pointer dereference
        - debian/patches/CVE-2020-27842.patch: add check to
          src/lib/openjp2/t2.c.
        - CVE-2020-27842
      * SECURITY UPDATE: out-of-bounds read
        - debian/patches/CVE-2020-27843.patch: add check to
          src/lib/openjp2/t2.c.
        - CVE-2020-27843
      * SECURITY UPDATE: out-of-bounds read
        - debian/patches/CVE-2020-27845.patch: add extra checks to
          src/lib/openjp2/pi.c.
        - CVE-2020-27845
    
     -- Marc Deslauriers <email address hidden>  Wed, 06 Jan 2021 09:44:46 -0500
  • openjpeg2 (2.3.1-1ubuntu4) focal; urgency=medium
    
      * SECURITY UPDATE: denial of service via excessive iteration
        - debian/patches/CVE-2019-12973-1.patch: detect invalid file dimensions
          early in src/bin/jp2/convertbmp.c.
        - debian/patches/CVE-2019-12973-2.patch: avoid potential infinite loop
          in src/bin/jp2/convertbmp.c.
        - CVE-2019-12973
      * SECURITY UPDATE: heap overflow in opj_t1_clbl_decode_processor
        - debian/patches/CVE-2020-6851.patch: reject images whose
          coordinates are beyond INT_MAX in src/lib/openjp2/j2k.c.
        - CVE-2020-6851
      * SECURITY UPDATE: another heap overflow in opj_t1_clbl_decode_processor
        - debian/patches/CVE-2020-8112.patch: avoid integer overflow in
          src/lib/openjp2/tcd.c.
        - CVE-2020-8112
    
     -- Marc Deslauriers <email address hidden>  Wed, 19 Feb 2020 09:52:00 -0500
  • openjpeg2 (2.3.1-1ubuntu3) focal; urgency=medium
    
      * Actually omit libopenjpip-server, not libkate-tools which is not in
        this package.
    
     -- Steve Langasek <email address hidden>  Mon, 17 Feb 2020 09:39:20 -0800
  • openjpeg2 (2.3.1-1ubuntu2) focal; urgency=medium
    
      * No-change rebuild with fixed binutils on arm64.
    
     -- Matthias Klose <email address hidden>  Mon, 10 Feb 2020 08:14:07 +0100
  • openjpeg2 (2.3.1-1ubuntu1) focal; urgency=medium
    
      * Omit libopenjpip-server on i386, we only want the libraries for
        compatibility.
    
     -- Steve Langasek <email address hidden>  Tue, 07 Jan 2020 14:52:51 -0800
  • openjpeg2 (2.3.1-1) unstable; urgency=medium
    
      * New upstream release, addressing the following security issues:
        - CVE-2018-20847 (Closes: #931294)
        - CVE-2018-21010 (Closes: #939553)
        - CVE-2018-5727 (Closes: #888532)
      * Remove the following patches, applied upstream:
        - CVE-2017-17480.patch
        - CVE-2018-14423.patch
        - CVE-2018-18088.patch
        - CVE-2018-5785.patch
        - CVE-2018-6616.patch
      * Remove debian/patches/multiarch_path.patch:
        - useless since latest upstream changes.
      * Bump Standards-Version to 4.4.1.
      * Refresh and rework manpages.
      * Remove debian/README.source (Closes: #846390).
    
     -- Hugo Lefeuvre <email address hidden>  Mon, 07 Oct 2019 13:46:43 +0200
  • openjpeg2 (2.3.0-2build1) focal; urgency=medium
    
      * No change rebuild
    
     -- Eduardo Barretto <email address hidden>  Mon, 21 Oct 2019 14:08:40 -0300
  • openjpeg2 (2.3.0-2) unstable; urgency=high
    
      [ Hugo Lefeuvre ]
      * CVE-2017-17480: stack-based buffer overflow in the pgxtovolume function in
        jp3d/convert.c (Closes: #884738).
      * CVE-2018-14423: division-by-zero in pi_next_pcrl, pi_next_cprl, and
        pi_next_rpcl in lib/openjp3d/pi.c (Closes: #904873).
      * CVE-2018-18088: null pointer dereference in imagetopnm in jp2/convert.c
        (Closes: #910763).
      * CVE-2018-5785: integer overflow caused by an out-of-bounds left shift in the
        opj_j2k_setup_encoder function (openjp2/j2k.c) (Closes: #888533).
      * CVE-2018-6616: excessive iteration in the opj_t1_encode_cblks function of
        openjp2/t1.c (Closes: #889683).
    
      [ Mathieu Malaterre ]
      * Add Hugo as Uploader
    
     -- Mathieu Malaterre <email address hidden>  Sun, 10 Mar 2019 18:34:51 +0100