--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2018-b7a74678b1
2018-03-11 19:42:17.971186
--------------------------------------------------------------------------------

Name        : openjpeg2
Product     : Fedora EPEL 7
Version     : 2.3.0
Release     : 6.el7
URL         : https://github.com/uclouvain/openjpeg
Summary     : C-Library for JPEG 2000
Description :
The OpenJPEG library is an open-source JPEG 2000 library developed in order to
promote the use of JPEG 2000.

This package contains
* JPEG 2000 codec compliant with the Part 1 of the standard (Class-1 Profile-1
  compliance).
* JP2 (JPEG 2000 standard Part 2 - Handling of JP2 boxes and extended multiple
  component transforms for multispectral and hyperspectral imagery)

--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2016-8332 CVE-2016-9112 CVE-2016-9113 CVE-2016-9114
CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 and many others.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1487393 - CVE-2017-14151 CVE-2017-14152 openjpeg2: various flaws 
[epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1487393
  [ 2 ] Bug #1487381 - CVE-2016-10504 CVE-2016-10505 CVE-2016-10506 
CVE-2016-10507 openjpeg2: various flaws [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1487381
  [ 3 ] Bug #1418152 - CVE-2016-9112 openjpeg2: Floating point exception 
vulnerability in openjpeg2 when processing untrusted images [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1418152
  [ 4 ] Bug #1335486 - CVE-2016-4796 CVE-2016-4797 openjpeg2: various flaws 
[epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1335486
  [ 5 ] Bug #1487769 - CVE-2017-14039 CVE-2017-14164 CVE-2017-17479 
CVE-2017-17480 openjpeg2: various flaws [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1487769
  [ 6 ] Bug #1487366 - CVE-2017-14040 CVE-2017-14041 openjpeg2: various flaws 
[epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1487366
  [ 7 ] Bug #1435069 - CVE-2016-9573 openjpeg2: openjpeg: heap out-of-bounds 
read due to insufficient check in imagetopnm() [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=1435069
  [ 8 ] Bug #1422754 - CVE-2016-5139 CVE-2016-5158 CVE-2016-5159 openjpeg2: 
various flaws [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=1422754
  [ 9 ] Bug #1422753 - CVE-2016-5139 CVE-2016-5158 CVE-2016-5159 openjpeg2: 
various flaws [epel-6]
        https://bugzilla.redhat.com/show_bug.cgi?id=1422753
  [ 10 ] Bug #1405140 - CVE-2016-9580 CVE-2016-9581 openjpeg2: various flaws 
[epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1405140
  [ 11 ] Bug #1402722 - CVE-2016-9573 CVE-2016-9572 openjpeg2: various flaws 
[epel-6]
        https://bugzilla.redhat.com/show_bug.cgi?id=1402722
  [ 12 ] Bug #1377771 - CVE-2016-1923 CVE-2016-1924 openjpeg2: various flaws 
[epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1377771
  [ 13 ] Bug #1381271 - CVE-2016-8332 CVE-2016-9112 CVE-2016-9113 CVE-2016-9114 
CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 openjpeg2: various 
flaws [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1381271
  [ 14 ] Bug #1377348 - CVE-2016-7445 openjpeg2: Null pointer dereference in 
convert.c [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1377348
  [ 15 ] Bug #1374343 - CVE-2016-7163 openjpeg2: various flaws [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1374343
  [ 16 ] Bug #1335773 - CVE-2015-8871 openjpeg2: openjpeg: Use-after-free in 
opj_j2k_write_mco function [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1335773
  [ 17 ] Bug #1317832 - CVE-2016-3181 openjpeg2: various flaws [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1317832
--------------------------------------------------------------------------------

This update can be installed with the "yum" update programs.  Use
su -c 'yum update openjpeg2' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/System_Administrators_Guide/ch-yum.html

All packages are signed with the Fedora EPEL GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
epel-package-announce mailing list -- 
epel-package-announce@lists.fedoraproject.org
To unsubscribe send an email to 
epel-package-announce-le...@lists.fedoraproject.org

Reply via email to