UbuntuUpdates.org

Package "libopenjp2-7"

Name: libopenjp2-7

Description:

JPEG 2000 image compression/decompression library

Latest version: 2.5.0-2ubuntu0.2
Release: noble (24.04)
Level: security
Repository: main
Head package: openjpeg2
Homepage: https://www.openjpeg.org

Links


Download "libopenjp2-7"


Other versions of "libopenjp2-7" in Noble

Repository Area Version
base main 2.5.0-2build3
updates main 2.5.0-2ubuntu0.2

Changelog

Version: 2.5.0-2ubuntu0.2 2024-11-05 02:07:04 UTC

  openjpeg2 (2.5.0-2ubuntu0.2) noble-security; urgency=medium

  * SECURITY UPDATE: heap buffer overflow
    - debian/patches/CVE-2021-3575.patch: opj_decompress: fix off-by-one
      read heap-buffer-overflow in sycc420_to_rgb() when x0 and y0 are odd
    - CVE-2021-3575

 -- Bruce Cable <email address hidden> Tue, 22 Oct 2024 14:53:32 +1100

Source diff to previous version
CVE-2021-3575 A heap-based buffer overflow was found in openjpeg in color.c:379:42 in sycc420_to_rgb when decompressing a crafted .j2k file. An attacker could use

Version: 2.5.0-2ubuntu0.1 2024-09-26 09:07:08 UTC

  openjpeg2 (2.5.0-2ubuntu0.1) noble-security; urgency=medium

  * SECURITY UPDATE: resource consumption loop
    - debian/patches/CVE-2023-39327.patch: when EPH markers are specified,
      they are required
    - CVE-2023-39327

 -- Bruce Cable <email address hidden> Wed, 25 Sep 2024 12:59:53 +1000

CVE-2023-39327 A flaw was found in OpenJPEG. Maliciously constructed pictures can cause the program to enter a large loop and continuously print warning messages on



About   -   Send Feedback to @ubuntu_updates