** Changed in: openjpeg (Debian)
Status: Unknown => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openjpeg in Ubuntu.
https://bugs.launchpad.net/bugs/1404084
Title:
Fix for CVE-2013-6045 breaks decoding of chroma-subsampled images
Status in openjpeg package in Ubuntu:
New
Status in openjpeg package in Debian:
Fix Released
Bug description:
The patch for CVE-2013-6045, as shipped in Ubuntu 10.04, 12.04, and 14.04,
disables decoding of images whose first
color component has a higher resolution than subsequent components. This
occurs, for example, in YCbCr images with chroma subsampling. This regression
does not affect newer Ubuntu releases which ship OpenJPEG 1.5.2 or above.
The original Debian bug report is <https://bugs.debian.org/734238>.
Debian released an updated DSA on April 22 to correct the regression
(https://lists.debian.org/debian-security-
announce/2014/msg00090.html), but the fix has not propagated to
Ubuntu.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openjpeg/+bug/1404084/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
