MGASA-2019-0004
Vulnerability Summary
Timeline
Description
Updated openjpeg2 packages fix security vulnerabilities A stack-based buffer overflow in the pgxtoimage function in jpwl/convert.c could crash the converter (CVE-2017-17479). A stack-based buffer overflow in the pgxtovolume function in jp3d/convert.c could crash the converter (CVE-2017-17480). A flaw was found in OpenJPEG 2.3.0, there is an integer overflow caused by an out-of-bounds left shift in the opj_j2k_setup_encoder function (openjp2/j2k.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file (CVE-2018-5785). In OpenJPEG 2.3.0, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. Attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file (CVE-2018-6616). A flaw was found in OpenJPEG 2.3.0. A NULL pointer dereference for "red" in the imagetopnm function of jp2/convert.c (CVE-2018-18088).
Affected Systems
- mageia•openjpeg2
< 2.2.0-1.3.mga6
References (5)
- https://advisories.mageia.org/MGASA-2019-0004.html
- https://bugs.mageia.org/show_bug.cgi?id=23147
- https://lists.opensuse.org/opensuse-updates/2018-05/msg00086.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/HKAGXKPJ2Z4TMUR3TVLTQ7SMTTIYGJKK/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/JAZ5ZQP5XJ23SE3ECBP4QQF2CGMK6USD/