Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
30d1702a by Salvatore Bonaccorso at 2025-08-05T18:05:06+02:00
Add CVE-2025-54874/openjpeg2
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4555,6 +4555,14 @@ CVE-2023-47356 (Mingyu Security Gateway before v3.0-5.3p
was discovered to conta
NOT-FOR-US: Mingyu Security Gateway
CVE-2023-41566 (OA EKP v16 was discovered to contain an arbitrary download
vulnerabili ...)
NOT-FOR-US: OA EKP
+CVE-2025-54874
+ - openjpeg2 <unfixed>
+ [bookworm] - openjpeg2 <not-affected> (Vulnerable code introduced later)
+ [bullseye] - openjpeg2 <not-affected> (Vulnerable code introduced later)
+ NOTE: https://github.com/uclouvain/openjpeg/pull/1573
+ NOTE: Introduced with:
https://github.com/uclouvain/openjpeg/commit/0f528e95788863608aa1772f5370659edf618793
(v2.5.1)
+ NOTE: Fixed by:
https://github.com/uclouvain/openjpeg/commit/f809b80c67717c152a5ad30bf06774f00da4fd2d
(master)
+ NOTE: https://securitylab.github.com/advisories/GHSL-2025-057_OpenCV/
CVE-2025-53644 (OpenCV is an Open Source Computer Vision Library. Versions
prior to 4. ...)
- opencv 3.2.0+dfsg-1
NOTE: https://securitylab.github.com/advisories/GHSL-2025-057_OpenCV/
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/30d1702a993f448d686a5070da427a8f5decf632
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/30d1702a993f448d686a5070da427a8f5decf632
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
