-------------------------------------------------------------------------------- Fedora EPEL Update Notification FEDORA-EPEL-2018-6ac908eac8 2018-03-11 19:41:18.534861 --------------------------------------------------------------------------------
Name : openjpeg2 Product : Fedora EPEL 6 Version : 2.3.0 Release : 6.el6 URL : https://github.com/uclouvain/openjpeg Summary : C-Library for JPEG 2000 Description : The OpenJPEG library is an open-source JPEG 2000 library developed in order to promote the use of JPEG 2000. This package contains * JPEG 2000 codec compliant with the Part 1 of the standard (Class-1 Profile-1 compliance). * JP2 (JPEG 2000 standard Part 2 - Handling of JP2 boxes and extended multiple component transforms for multispectral and hyperspectral imagery) -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2016-8332 CVE-2016-9112 CVE-2016-9113 CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 and many others. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1487393 - CVE-2017-14151 CVE-2017-14152 openjpeg2: various flaws [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1487393 [ 2 ] Bug #1487381 - CVE-2016-10504 CVE-2016-10505 CVE-2016-10506 CVE-2016-10507 openjpeg2: various flaws [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1487381 [ 3 ] Bug #1418152 - CVE-2016-9112 openjpeg2: Floating point exception vulnerability in openjpeg2 when processing untrusted images [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1418152 [ 4 ] Bug #1335486 - CVE-2016-4796 CVE-2016-4797 openjpeg2: various flaws [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1335486 [ 5 ] Bug #1487769 - CVE-2017-14039 CVE-2017-14164 CVE-2017-17479 CVE-2017-17480 openjpeg2: various flaws [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1487769 [ 6 ] Bug #1487366 - CVE-2017-14040 CVE-2017-14041 openjpeg2: various flaws [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1487366 [ 7 ] Bug #1435069 - CVE-2016-9573 openjpeg2: openjpeg: heap out-of-bounds read due to insufficient check in imagetopnm() [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=1435069 [ 8 ] Bug #1422754 - CVE-2016-5139 CVE-2016-5158 CVE-2016-5159 openjpeg2: various flaws [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=1422754 [ 9 ] Bug #1422753 - CVE-2016-5139 CVE-2016-5158 CVE-2016-5159 openjpeg2: various flaws [epel-6] https://bugzilla.redhat.com/show_bug.cgi?id=1422753 [ 10 ] Bug #1405140 - CVE-2016-9580 CVE-2016-9581 openjpeg2: various flaws [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1405140 [ 11 ] Bug #1402722 - CVE-2016-9573 CVE-2016-9572 openjpeg2: various flaws [epel-6] https://bugzilla.redhat.com/show_bug.cgi?id=1402722 [ 12 ] Bug #1377771 - CVE-2016-1923 CVE-2016-1924 openjpeg2: various flaws [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1377771 [ 13 ] Bug #1381271 - CVE-2016-8332 CVE-2016-9112 CVE-2016-9113 CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 openjpeg2: various flaws [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1381271 [ 14 ] Bug #1377348 - CVE-2016-7445 openjpeg2: Null pointer dereference in convert.c [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1377348 [ 15 ] Bug #1374343 - CVE-2016-7163 openjpeg2: various flaws [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1374343 [ 16 ] Bug #1335773 - CVE-2015-8871 openjpeg2: openjpeg: Use-after-free in opj_j2k_write_mco function [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1335773 [ 17 ] Bug #1317832 - CVE-2016-3181 openjpeg2: various flaws [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1317832 -------------------------------------------------------------------------------- This update can be installed with the "yum" update programs. Use su -c 'yum update openjpeg2' at the command line. For more information, refer to "YUM", available at https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/System_Administrators_Guide/ch-yum.html All packages are signed with the Fedora EPEL GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ epel-package-announce mailing list -- epel-package-announce@lists.fedoraproject.org To unsubscribe send an email to epel-package-announce-le...@lists.fedoraproject.org