Publishing details
Changelog
openjpeg2 (2.3.1-1ubuntu4.20.04.1) focal-security; urgency=medium
* SECURITY UPDATE: use-after-free via directory
- debian/patches/CVE-2020-15389.patch: fix double-free on input
directory with mix of valid and invalid images in
src/bin/jp2/opj_decompress.c.
- CVE-2020-15389
* SECURITY UPDATE: heap-buffer-overflow
- debian/patches/CVE-2020-27814-1.patch: grow buffer size in
src/lib/openjp2/tcd.c.
- debian/patches/CVE-2020-27814-2.patch: grow it again
- debian/patches/CVE-2020-27814-3.patch: and some more
- debian/patches/CVE-2020-27814-4.patch: bigger, BIGGER!!!
- CVE-2020-27814
* SECURITY UPDATE: heap-buffer-overflow write
- debian/patches/CVE-2020-27823.patch: fix wrong computation in
src/bin/jp2/convertpng.c.
- CVE-2020-27823
* SECURITY UPDATE: global-buffer-overflow
- debian/patches/CVE-2020-27824.patch: avoid global buffer overflow on
irreversible conversion when too many decomposition levels are
specified in src/lib/openjp2/dwt.c.
- CVE-2020-27824
* SECURITY UPDATE: out-of-bounds read
- debian/patches/CVE-2020-27841.patch: add extra checks to
src/lib/openjp2/pi.c, src/lib/openjp2/pi.h, src/lib/openjp2/t2.c.
- CVE-2020-27841
* SECURITY UPDATE: null pointer dereference
- debian/patches/CVE-2020-27842.patch: add check to
src/lib/openjp2/t2.c.
- CVE-2020-27842
* SECURITY UPDATE: out-of-bounds read
- debian/patches/CVE-2020-27843.patch: add check to
src/lib/openjp2/t2.c.
- CVE-2020-27843
* SECURITY UPDATE: out-of-bounds read
- debian/patches/CVE-2020-27845.patch: add extra checks to
src/lib/openjp2/pi.c.
- CVE-2020-27845
-- Marc Deslauriers <email address hidden> Wed, 06 Jan 2021 09:44:46 -0500
Builds
Built packages
-
libopenjp2-7
JPEG 2000 image compression/decompression library
-
libopenjp2-7-dbgsym
debug symbols for libopenjp2-7
-
libopenjp2-7-dev
development files for OpenJPEG, a JPEG 2000 image library
-
libopenjp2-tools
command-line tools using the JPEG 2000 library
-
libopenjp2-tools-dbgsym
debug symbols for libopenjp2-tools
-
libopenjp3d-tools
command-line tools using the JPEG 2000 - 3D library
-
libopenjp3d-tools-dbgsym
debug symbols for libopenjp3d-tools
-
libopenjp3d7
JP3D (JPEG 2000 / Part 10) image compression/decompression library
-
libopenjp3d7-dbgsym
debug symbols for libopenjp3d7
-
libopenjpip-dec-server
tool to allow caching of JPEG 2000 files using JPIP protocol
-
libopenjpip-dec-server-dbgsym
debug symbols for libopenjpip-dec-server
-
libopenjpip-server
JPIP server for JPEG 2000 files
-
libopenjpip-server-dbgsym
debug symbols for libopenjpip-server
-
libopenjpip-viewer
JPEG 2000 java based viewer for advanced remote JPIP access
-
libopenjpip7
JPEG 2000 Interactive Protocol
-
libopenjpip7-dbgsym
debug symbols for libopenjpip7
Package files