David Walser wrote: > Funda Wang wrote: >> Hello, >> >> Could somebody push openjpeg 1.5.0 into cauldron? It fixed >> CVE-2012-1499: The JPEG 2000 codec in OpenJPEG before 1.5 does not >> properly allocate memory during file parsing, which allows remote >> attackers to execute arbitrary code via a crafted file. >> >> Thanks. > > Funda, does a patch exist for this? Mageia 1 should be vulnerable to this.
Funda, do you know what upstream commit(s) fixes this?
