The security review in comment #59 and comment #60 looks very nice. I skimmed over the issues and noticed that almost all of them affect the utility tools (in bin), not the library itself. You may or may not consider that relevant to the MIR. The issues affecting the library code are:
https://github.com/uclouvain/openjpeg/issues/719 https://github.com/uclouvain/openjpeg/issues/1071 https://github.com/uclouvain/openjpeg/issues/1076 https://github.com/uclouvain/openjpeg/issues/1077 https://github.com/uclouvain/openjpeg/issues/1078 There's also issue 1073, but that issue is disputed by upstream and doesn't affect Ubuntu anyway because Ubuntu uses system libtiff instead of the bundled code. All the other issues are in bin. ** Bug watch added: github.com/uclouvain/openjpeg/issues #719 https://github.com/uclouvain/openjpeg/issues/719 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/711061 Title: [MIR] openjpeg2 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openjpeg2/+bug/711061/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
