Public bug reported: The patch for CVE-2013-6045, as shipped in Ubuntu 10.04, 12.04, and 14.04, disables decoding of images whose first color component has a higher resolution than subsequent components. This occurs, for example, in YCbCr images with chroma subsampling. This regression does not affect newer Ubuntu releases which ship OpenJPEG 1.5.2 or above.
The original Debian bug report is <https://bugs.debian.org/734238>. Debian released an updated DSA on April 22 to correct the regression (https://lists.debian.org/debian-security-announce/2014/msg00090.html), but the fix has not propagated to Ubuntu. ** Affects: openjpeg (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1404084 Title: Fix for CVE-2013-6045 breaks decoding of chroma-subsampled images To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openjpeg/+bug/1404084/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
